Re: Summer of Code 2006, should Debian take part?
On Thu, Apr 20, 2006 at 07:27:03AM +0100, MJ Ray wrote:
> Petter Reinholdtsen <firstname.lastname@example.org>
> > [...] and I believe (as well as others who voiced this idea
> > elsewhere) Debian should take part too. [...]
> We should note that Google makes a lot of their money from
> proprietary software
So do IBM and HP, and Linus before he left Transmeta. So what?
> and don't fix their bugs (more updates coming to
> http://mjr.towers.org.uk/blog/2006/google when I get time, but
> www.jibbering.com has been good recently),
Well, that certainly got my attention.
jibbering.com talks about a security flaw which was posted to bugtraq
near the beginning of this month and which is about how google allows
XSS on their search pages.
It appears to have been fixed now; or at least, the links Jibbering Jim
provides don't work for me.
I don't know about you, but personally, I think it's very reasonable for
any company to actually _check_ their fixes before they install them in
a rush (and find out that it breaks a whole lot of other things). Even
if that wasn't the case, I don't think that an outstanding bug which is
less than a month old is enough to be able to reasonably claim "they
don't fix their bugs".
Fun will now commence
-- Seven Of Nine, "Ashes to Ashes", stardate 53679.4