login
Search
Posted Jun 17, 2008 18:33 UTC (Tue) by olecom (guest, #42886) [Link]
IT bubble days are over. Linux kernel (almost the only useful FOSS thing left) tries to not loose it's volume.
Developers do what they do on limited resources, using dumb tools or no tools at all, saving buzz-hype using PR fuzz. It is a social and economical problem, not a technical and/or ethical one.
If GRSecurity/PaX wants to save this only FOSS thing from security holes, then systematic education, automation of audit and code creation by tools must be employed, database of broken C/API usage must be collected, those patterns must be coded and automated by static analysis on the source editing stage.
This must big and hard step, step forward. But your even smaller resources are wasted to fix and confront consequences. Also i don't see something mentioned in your workflow/goals. And investing into something as moot as all this even for "better future", isn't the way business
wants to make money today.
Top developers try to stay in tune with hardware support/performance side of the technology development. Or they do, what they know how to do best or just somehow (another fs, another scheduler, etc.). They and many others are doing this by basic think+edit+patch+debug(rc1, rcX)... No `git` or similar can eliminate "thinking" and knowledge there.
While automated checking and automated creating of code may reduce debug stages and predict problems on level higher than `gcc -Wall`. Again step forward. But this again against those companies, who milk from static analysis, security audit and consulting.
Linus tries to bring tools, but all so far made, were NIH reimplementation of existing ones. Systematic approach like regression tracking is a craft of committed individuals, no automated tools are available also. And their work is also in some kind of fuzzy state.
Problem of those cargo-cult security specialists, grown under the shadows of LKML and dark ages of Linux 0.99, now being on the top of the food chain and don't want to listen or revolutioning something, is one of all human kind. Just look at present science and thus education, politics, economics, etc... Unless they will gain more, one have no luck. In case of retire, make sure you/your agenda have educated and skilled youngsters to propose and
compete.
posted here: http://lwn.net/Articles/286393/
handcrafted programmers and other matters
tools -- engineering and industry
predictions -- science
plain and simple, unless you are in jungle fighting for food.
Very interesing is the fact, that science *was* born among rich and fed. Now everyone is brainwashed by current corrupted scince to pay taxes and grants for *their* fed happiness. Crap.
Same with top developers. They want to be fed already. Plain and simple. And if Linus says, he has money for children's education, i'd advise to think twice who are the teaches and what is the modern educational/brainwashing system.