[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Recompilation of ALL Debian packages ...



martin f krafft <madduck@debian.org> writes:
> also sprach Russ Allbery <rra@debian.org> [2006.09.02.0852 +0200]:

>> You're probably not going to convince me on this, so it may not be
>> worth wasting time on arguing about it when we both agree on the
>> fundamental goal.

> Neither have you convinced me. The important thing to consider is that
> there are always two types of clients: executives and clued people. The
> clued people understand your reasoning (and I claim I do too, which
> makes me clued; woohoo!). The executives don't. And it's easier to teach
> Go or Bridge to a group of monkeys than it is to hammer sense into
> executives when it comes to technical stuff.

Feh, I think that's a cop-out.  It's not that hard to explain, or that
hard to understand, and I've worked with plenty of executives who can
understand that concept just fine when explained in terms that they're
familiar with.  Besides, one of the major reasons why I work on free
software projects like Debian is precisely because I have no intention of
considering the opinions of those ignorant of the issues involved when
determining questions of technical policy.

The idea that source code can be trojaned just as easily as binaries is a
very old one, even apart from impressive demonstrations involving C
compilers.  Consider this from twelve years ago, for instance:

    <http://www.cert.org/advisories/CA-1994-14.html>

I can explain that to an executive just fine.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>



Reply to: