On 08/09/2013 12:00 AM, [email protected] wrote:
...
The first one. We all know that the operating system OpenBSD largely
depends on lead, so what will happen when time will come for Theo? We
all know that so far people do not live thousands of years... I think
that not only me would be interesting to know the future of this great
project in case something happens. Please do not misunderstand me here,
I do not wish anything bad for Theo, I just need to be sure that there
are others who could keep project going.
same thing that happens for any open source volunteer project, or any
sole proprietorship...or any corporation. Someone(s) may step up, they
may not. They may succeed in keeping the team together, they may not.
The project may improve, it may "lessen".
A friend of mine used to work for a big corporate services company, one
that was structured for long-term survival and so on. Well, she lost
her job quite unexpectedly shortly after much of the company's
leadership was lost all at once. You see, their corporate offices were
in the top floors of the World Trade Center...
The only certainty is change. Being that OpenBSD is lead by one person,
when that leadership changes, there WILL be change. Hopefully, the net
will be good, but you can be sure it will be mixed.
That's true no matter what, though. change happens. it should always
be part of everything you implement -- the tools you use today may not
exist in two years, and probably won't exist in recognizable form in 20
years. If you aren't a few weeks from retirement, this needs to be
thought about.
Part of any good implementation plan should include how a product *will
be replaced when need be*. Most consumers aren't used to thinking about
that...however commercial software vendors are quite familiar with the
idea...and do what they can to keep you from switching products --
vendor lock-in. The problem is...you have now locked your company's
future into the health and welfare not of that vendor, but of that PRODUCT.
I cringe when I see companies dropping all their documents into
proprietary document imaging systems and shredding the originals.. What
do they plan to do /when/ the product becomes unsupported and
unsupportable? Do they realize they have married that company, not like
a modern marriage where a trip to a lawyer will dissolve it, but the old
style, "'til death do us part" style? Usually not.
However, if OpenBSD vanished tomorrow, the current version and its
source code would be out there, someone will try to keep it up for a
while, I'm sure, and meanwhile, you can migrate elsewhere.
Compare this to committee run projects which have gone stagnant...were
people may not notice they have in effect shut down...
2nd: how would OpenBSD leaders and developers would react, that OS they
developing is powering most illegal things which you probably can't
dream on?
you know...I'm saddened.
not that "bad guys" are using OpenBSD...but that the "good guys" don't.
We create the tools to take a battle tank into a spitball fight... and
they prefer the little plastic cap that says "Stay Dry" on it. "It must
work, it says 'stay-dry!'"
Most people *still* haven't learned that there is more to security than
saying "I'm secure". So the people selling kiddie porn are taking
security more seriously than your bank. That says something, I don't
think I like what.
I wouldn't be surprised if some damn fool somewhere uses a connection to
"bad stuff" to discourage the use of OpenBSD and other good tools. Lots
of damn fools in the world.
What I'm saying, is it possible that under certain
circumstances OpenBSD people could silently include trojan or any other
related piece of code which could lead of compromise of machines which
are powering deep web ?
I can't imagine anyone on the OpenBSD project going for the idea of
adding any kind of attack against any kind of user, as it could be used
to go after ALL kinds of users. The track record of those kind of
things is bad -- usually, they end up causing as much trouble for the
innocent as the target ... see "Stuxnet".
Nick.
