Re: cURL author receives rude LogJ4 security inquiry

From: Akira Urushibata
Subject: Re: cURL author receives rude LogJ4 security inquiry
Date: Sat, 26 Feb 2022 11:30:27 +0900

Thank you for joining in the discussion.
I would like to hereby remind fellow list members of the context.

I am sorry that Daniel Stenberg, maintainer of cURL, chooses the term
"open source" in the following.  But we should understand what he is
talking about.  Call it the "free software pyramid" if you so desire.

LogJ4 Security Inquiry - Response Required

  I think maybe this serves as a good example of the open source pyramid
  and users in the upper layers not at all thinking of how the lower
  layers are maintained. Building a house without a care about the
  ground the house stands on.

Enforcing the pyramid of Open Source


According to Daniel Stenberg, there exists a pyramid in which the
companies at the top make much money by selling products and services
which make use of free software components.  Those on the bottom of
the pyramid commonly get little or no money for the work of producing and
maintaining the fundamental building blocks.  Because they form the
foundation of sophisticated software and services, problems at this
level may have widespread, devastating effects.  The general public,
corporate directors, educators and elected officials do not understand
that this is going on.  Stenberg provides email from a big company
which he believes attests to this lack of understanding.

Recently there has been discussion on the book "Just for fun" by Linus
Torvalds and David Diamond.  I would like to emphasize that this book
is intended for a general audience - not computer experts.  Ordinary
people have but a vague idea of what an operating system is.  What
does someone like that imagine from the word "OS"?  Likely Microsoft
Windows and Mac-OS.  Those who hear that "a young Finnish student
named Linus created Linux, an OS, mostly by himself" will imagine that
he made something like MS-Windows, or at least MS-DOS.

Any writer who desires to explain correctly what feat Torvalds
accomplished should make clear in language appropriate for the layman
that his creation, should it be called the "Linux OS", is something
remarkably different from MS-Windows.

There may be passages in "Just for fun" which indicate that Torvalds
was well aware that he was making no more than a kernel and borrowing
other vital OS components.  But we cannot expect the general reader
to make that distinction.

Daniel Stenberg warns that we should brace ourselves for more security
problems in the future - unless the environment changes.

I firmly believe that the widely observed behavior of technology
writers and self-proclaimed experts failing or refusing to understand
that Linux is a kernel and not an operating system is a glaring
symptom which indicates that the environment requires reform.

