Comment Re:This is the price you pay for "free" (Score 1) 2
perhaps if all the companies making billions off free software were to actually contribute to and fund such open projects, they'd be able to employ the necessary team to find those bugs. if companies don't want to act responsibly about the software they use, then they bear the burden. boohoo.
converse to the argument "this is the price you pay for 'free'", if openssl were a closed development project owned by some company, its certainly possible the same flaw could have existed, except they wouldn't have to tell anyone about it once found -> some hardware might have never gotten fixed, or the bug could have propagated into many more products over many years, the sum-total of that discovery would be far beyond what we are looking at now.
converse to the argument "this is the price you pay for 'free'", if openssl were a closed development project owned by some company, its certainly possible the same flaw could have existed, except they wouldn't have to tell anyone about it once found -> some hardware might have never gotten fixed, or the bug could have propagated into many more products over many years, the sum-total of that discovery would be far beyond what we are looking at now.