[kwlug-disc] Security arguments

Khalid Baheyeldin kb at 2bits.com
Fri Oct 2 09:39:03 EDT 2009


> I will admit that being an open source programmer takes guts, but it's
> the kind that can be hedged.


I would not as far as to call it "guts", but there is certainly a fear
factor
involved, like other things that most people dread (public speaking,
...etc.).

Once you have that mental barrier behind you, and release your first
few modules/programs/..etc. for everyone to rip apart and criticize,
it is no longer an issue. You will get praises and more users than the
few complainers.


> As long as you don't release your code
> with the attitude and the expectation that your code is perfect,
> the community can be fairly forgiving.
>
> You don't have to pull a Dan Bernstein and scoff at everyone else while
> writing "perfect" software. :-)  That's way too much pressure to put on
> yourself.
>

Agreed.


> And by releasing incrementally, you let the users provide feedback, and
> everyone starts hammering out the bugs, including security bugs.
>

A related point: leverage the community! Don't work alone. Free software
is not only about freedom, but also about collaborative work. The community
will extend your stuff in ways you never thought about. They will spot bugs.
They will provide patches for bugs they or other find. They will upgrade
your
software to newer API versions. They will write documentation. They do
advocacy for your software.

Once you realize it is not "your software", but "our software" and you are
a custodian/maintainer, all this comes together nicely.

Oh, and challenge the complainers to contribute rather than criticize only.

So, Use the Community, Luke ...
-- 
Khalid M. Baheyeldin
2bits.com, Inc.
http://2bits.com
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
Simplicity is the ultimate sophistication. --   Leonardo da Vinci
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/attachments/20091002/04dac4cd/attachment.html>


More information about the kwlug-disc_kwlug.org mailing list