Microsoft fucks their developers in the ass... AGAIN
-
@blakeyrat I am sad I can only give this one like. I have been an open source dev... never again.
-
@Arantor If you insult me and I feel mildly annoyed instead of insulted, isn't it an insult none the less?
-
@wharrgarbl if you're not insulted by it, it's by definition not insulting you, therefore not an insult to you, therefore where problem?
It sounds like you're taking offense on the basis that someone might be offended by it. In any case, it's kind of designed to be something of an insult, yes, because it's pointing out a terrible methodology of doing something that people continue to do despite it being bad, and being nicer about it didn't help...
-
@blakeyrat said in Microsoft fucks their developers in the ass... AGAIN:
All eyes make bugs shallow
I think this has been thoroughly disproven in the last few years.
Yeah, a lot of security holes in the last few years : Heartbleed, Shellshock and POODLE.
On the other hand, in the closed-source world:
- December 2016: 6 remote code execution
- January 2017: 2 remote code execution
- February 2017: 1 remote code execution
- March 2017: 12 remote code execution
See, in only 4 months, 21 remote code execution compared to only 3 in the last few years.
Proof right there that open source can't compete with closed source
-
@TimeBandit That's only the ones you know about. That's not to say that there are fewer bugs in open source, or that build quality is worse in closed source. Merely that of the reported bugs, there are this many acknowledged bugs in one camp and this many acknowledged in the other.
And I think you're comparing all of Windows (including things like IE) with a subset of things on a Linux environment. Include Chrome or similar on your list for Linux, how does that stack up? What about Samba? Does Linux have an equivalent of Hyper-V? Should include Apache too while we're at it (because your link for MS for March includes IIS)
Compare like for like and see how it stacks up.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
@wharrgarbl if you're not insulted by it, it's by definition not insulting you, therefore not an insult to you, therefore where problem?
It still mildly annoyed me. So what should I call it? My point is that I didn't like this name. I'll just call it "opensource methodology", that's how blakey call it, and nobody pointed a better, more accurate name for that IMO.
-
@Arantor Where is that "thoroughly disproven in the last few years" thing coming from ?
Oh yeah, blakey's shoulder aliens
-
@TimeBandit When you start comparing like for like, I'll start taking your 'thoroughly disproven' argument seriously.
And if anything I'd almost argue that Heartbleed's existence is actually evidence that it doesn't work as well as hoped for.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
And if anything I'd almost argue that Heartbleed's existence is actually evidence that it doesn't work as well as hoped for.
Then closed source is a total failure proven by this
https://www.bleepingcomputer.com/news/security/google-researchers-find-wormable-crazy-bad-windows-exploit/right in the Microsoft Malware Protection Engine
-
@TimeBandit Nice strawman you have there. Closed source has its problems - road to hell/good intentions notwithstanding.
But to suggest that open source is all rainbows and unicorns is clearly not nearly as viable as is suggested.
How about we start with Sturgeon's Law? 90% of all of it is shite, open or closed. Closed source may not have the supposed advantage of visibility on bugs. Open source may not have the actual advantage of being usable.
-
@TimeBandit said in Microsoft fucks their developers in the ass... AGAIN:
See, in only 4 months, 21 remote code execution compared to only 3 in the last few years.
You're saying the entire open source community has only had three remote code execution exploits in "the last few years"? I don't believe you. I'm too lazy to look it up myself, but there's literally no way that's true.
But that's not the point. Regardless of whether Microsoft or the open source world have better security outcomes in general, the meme "many eyes make all bugs shallow" is utter crap. It has no basis in reality. That's true even if Microsoft had 50,000 remote code execution vulnerabilities.
And THAT is the point I actually made. The point you're ignoring so you can be snarky about the Micro$haftz, hahaha I saw that on Slashdot guyz! Here's a new bulletpoint:
- Whenever you bring up any flaw to an open source fan, they always take great pains to demonstrate that Microsoft is just as bad, as if that makes their flaw "ok" somehow.
It's not. Ok Thunderbird has the flaw. BUT SO DOES OUTLOOK! Great, all that means is everybody suffers. That can't be used as an excuse to avoid fixing the flaw.
I mean say what you want about the Apple fanboys, but at least when you're debating with them it's not a constant string of "but but Microsoft! But Microsoft! But look at Microsoft guys!" responses. They'll evaluate their platform on its own merits without the pointless dick-measuring.
-
@blakeyrat We're living in a world where I agree more and more with Blakeyrat. It's like Blakeyrat had meaningful arguments that actually made sense from the start but were disregarded because 'shoulder aliens' because they happen to not fit the narrative some people want like the 'hahaha M$' people.
-
@wharrgarbl said in Microsoft fucks their developers in the ass... AGAIN:
@Arantor If you insult me and I feel mildly annoyed instead of insulted, isn't it an insult none the less?
What if he didn't insult you and you felt mildly annoyed?
-
@Arantor Some of us continue to try to do good things to the best of our ability, whatever others' cynicism and shoulder aliens say. Our metric of goodness might not be yours, but damnit, we're going to try to do good anyway.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
But to suggest that open source is all rainbows and unicorns is
clearly not nearly as viable as is suggesteda strawman.
-
@dkf I have done my share of open source, but ultimately the happy huggy feelz weren't doing me any good.
-
@Arantor Let me quote things for you since you seem too lazy to do it.
@blakeyrat said in Microsoft fucks their developers in the ass... AGAIN:
All eyes make bugs shallow
(I think this has been thoroughly disproven in the last few years.
then you said
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
I'll start taking your 'thoroughly disproven' argument seriously.
That was not my argument
-
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
But to suggest that open source is all rainbows and unicorns is
clearly not nearly as viable as is suggesteda strawman.:thatsthepoint.jpg:
-
@TimeBandit said in Microsoft fucks their developers in the ass... AGAIN:
@Arantor Let me quote things for you since you seem too lazy to do it.
What am I, a mod?
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
It's like Blakeyrat had meaningful arguments that actually made sense from the start but were disregarded because 'shoulder aliens' because they happen to not fit the narrative some people want like the 'hahaha M$' people.
Uh. No. I mean, yeah, he has some meaningful arguments but he also has lots of nonsense. Speaking for myself.
-
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
Uh. No. I mean, yeah, he has some meaningful arguments but he also has lots of nonsense. Speaking for myself.
Fuck if that's the criteria, that applies to everyone here! Everyone has some meaningful arguments and lots of nonsense too!
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
But to suggest that open source is all rainbows and unicorns is
clearly not nearly as viable as is suggesteda strawman.:thatsthepoint.jpg:
Oh...so you weren't agreeing with blakey about all that? Sorry, I was getting the opposite impression. Also, no one had suggested anything like "rainbows and unicorns" (not since the discopocalypse).
-
@boomzilla No, I was mocking TimeBandit's position on the matter after the assertion that open source has many fewer critical bugs and thus was kind of being toted as rainbows and unicorns.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
Uh. No. I mean, yeah, he has some meaningful arguments but he also has lots of nonsense. Speaking for myself.
Fuck if that's the criteria, that applies to everyone here! Everyone has some meaningful arguments and lots of nonsense too!
That's what criteria? Look, I'm just saying that you can't dismiss people disagreeing with blakey because of some anti-MS attitude or whatever.
-
@boomzilla Everyone here has reasonable ideas and everyone here has lots of nonsense but a lot of people dismiss Blakeyrat solely because it's Blakeyrat and shoulder aliens.
His points are valid here though.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
the happy huggy feelz weren't doing me any good
Well, I do it for the happy huggy feelz, and I separately write code for my employer for moolah (which they release under an OSS license for their own reasons). The happy huggy feelz are part of a “keep @dkf (somewhat) sane” plan I've got, and also I get to find out about cool stuff that people do with it from time to time. It's pretty cool when someone tells you out of the blue that your library has helped them make a great product.
I do not require my reasons to be taken up by anyone else. They're just my reasons.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
@boomzilla No, I was mocking TimeBandit's position on the matter after the assertion that open source has many fewer critical bugs and thus was kind of being toted as rainbows and unicorns.
OK, so you were making up a strawman. Just like I said in the first place.
-
@boomzilla Where did I make the strawman? @TimeBandit was the one that was suggesting that open source software unilaterally has fewer critical bugs.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
His points are valid here though.
Sort of. I mean...yeah, those attitudes are crap.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
@boomzilla Where did I make the strawman? @TimeBandit was the one that was suggesting that open source software unilaterally has fewer critical bugs.
"Fewer critical bugs" is not at all what you were conveying. "No critical bugs" would have been more like it, but that's not what he said, it's the strawman you were arguing against.
-
@dkf I found that open source came with an awful lot of people being shitty and demanding because they thought they were entitled to have things developed for them, for free, exactly how they wanted it to work.
Not a lot of huggy feelz there :(
If it works for you, great. It must work for some people, but it really doesn't for others, even if it is a noble thing to want to do.
-
@boomzilla He was suggesting that Windows had 21 critical bugs in 4 months and open source had 3 critical bugs in several years, and that the principle reason for this was open source development.
Doesn't seem valid to me.
-
@Arantor you didn't see the blakey thread pattern?
- Blakey writes an interesting and long post. Sometimes it's an unpopular or harsh opinion, but almost always interesting.
- Someone start challenging him with some small irrelevant detail and keep insisting on it
- Thread is derailed into flames
- Blakey mutes the topic
-
@wharrgarbl Sure I did. I was just trying to derail the pattern so reasonable opinions weren't blown out of the topic by bullshit.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
Doesn't seem valid to me.
So make a point, don't misrepresent it. I suspect there were additional remote code vulnerabilities that he didn't mention, too, but he still didn't say anything that could be reasonably construed as "rainbows and unicorns."
-
@boomzilla artistic licence is awesome for hyperbolicly conveying a point.
Maybe I need more practice at this debate thing again.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
artistic licence is awesome for hyperbolicly conveying a point.
It can be.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
I found that open source came with an awful lot of people being shitty and demanding because they thought they were entitled to have things developed for them, for free, exactly how they wanted it to work.
Huh. I really don't see that very much at all. The occasional person doesn't really grasp that producing a piece of foundational software requires extreme care (i.e., we usually won't accept commits unless they build on all our supported platforms, have passing test cases, and have both documentation and a high-level explanation of what the big idea is about) but being solid on what our scope is (we know what we do and what we don't do) makes it so much easier to stop silly things.
The persistently impolite get rapidly ostracised. That particular community has a low tolerance for that sort of thing. OTOH, there's also a great appreciation for anyone doing cool stuff, and a willingness to share techniques. I'm of the general opinion that stable software communities are those that include a healthy number of small businesses as they don't jump ship on a political whim.
Not a lot of huggy feelz there :(
If it works for you, great. It must work for some people, but it really doesn't for others, even if it is a noble thing to want to do.
I hear you.
-
@dkf @arantor Seems to be talking about entitled users. For shitty stuff developers do to each other in opensource there is good in the ffmpeg - libav fork
-
@wharrgarbl This is more like my experience.
-
@Arantor said in Microsoft fucks their developers in the ass... AGAIN:
CADT
Yesterday evening proved again the exponential distribution of intervals and Google's legendary anti-talent in naming projects.
-
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
I suspect there were additional remote code vulnerabilities that he didn't mention, too, but he still didn't say anything that could be reasonably construed as "rainbows and unicorns."
Well, the argument started from "many eyes make all bugs shallow", which TimeBandit seemed to defend and which does have a bit of a rainbows-and-unicorny ring to it.
-
@ixvedeusi said in Microsoft fucks their developers in the ass... AGAIN:
Well, the argument started from "many eyes make all bugs shallow", which TimeBandit seemed to defend and which does have a bit of a rainbows-and-unicorny ring to it.
That's because it's pure BS. Some bugs go astoundingly deep. Most don't, but there's always a few which break through many levels of abstraction and cause headaches for everyone…
-
@dkf heartbleed looks really obvious and stupid by it's description, yet nobody noticed it in the code
-
@ixvedeusi said in Microsoft fucks their developers in the ass... AGAIN:
@boomzilla said in Microsoft fucks their developers in the ass... AGAIN:
I suspect there were additional remote code vulnerabilities that he didn't mention, too, but he still didn't say anything that could be reasonably construed as "rainbows and unicorns."
Well, the argument started from "many eyes make all bugs shallow", which TimeBandit seemed to defend and which does have a bit of a rainbows-and-unicorny ring to it.
But it's also not really wrong. The flawed assumption is that the eyes are going to be looking at / for the bugs which of course isn't guaranteed. But a post like yours that adds detail and nuanced isn't going to draw the same sort of fire as something very general like @arantor's.
-
@wharrgarbl said in Microsoft fucks their developers in the ass... AGAIN:
@dkf heartbleed looks really obvious and stupid by it's description, yet nobody noticed it in the code
True. There are so many things like that, where we wonder how we didn't see something that looks so obvious in retrospect.
-
Open source doesn't make bugs more shallow, it opens the pool to more scuba divers.
-
@Zecc Given how many people looking for vulnerabilities target closed-source software, I don't think the number of scuba divers is all that different.
-
@boomzilla being nuanced is awfully like doing work.
-
@blakeyrat said in Microsoft fucks their developers in the ass... AGAIN:
the meme "many eyes make all bugs shallow" is utter crap
Its not a meme, its a completely incorrect aphorism coined by Eric Raymond. However "many eyes make all bugs shallow" is still only 903rd on the list of "incorrect things stated as fact by Eric Raymond, ordered by decreasing incorrectness".