Can you give any examples of the bolded statement?

So get a booster.

I was under the impression that OpenBSD did not enable heartbeats by default and, as such, was not vulnerable to Heartbleed by default.

Am I wrong?

Scaring the prey away from the hunters is interferring with the hunt.

How do they know the code they've been given is the actual code used to generate the shipped binaries?

Can those Enterprise partners compile the code they've been given in order to compare the binaries with the binaries that MS ships?

I pay my taxes because I benefit from things like roads and schools and fire departments and such.

Do you get zero benefit from the things your taxes pay for?

Because he has decided that those updates improve the kernel somehow. That's his job: to improve the kernel.

If some applications get broken when the kernel is improved, it's the application developer's job to fix them.

This is as it should be. Any other model ties the hands of the kernel developers and then they can't do their job.

I don't think any of that is strictly necessary. Verify the math and inspect the implementations, but there's no need to throw it all away. Some amount of paranoia is justified, but throwing it all away goes too far.

I agree there are serious issues with the current system, but I am at a loss to come up with what would replace it.

Because the designers of the Linux random number generator code designed things such that if RdRand is compromised, it doesn't reduce the strength of the random number generated. However, if it is not compromised, then the randomness is stronger.

Why should we give up a potential benefit if there is no possible harm?

Sure, unless you're wearing gloves, or when you have wrinkled fingers from swiming or bathing, or you have grease on your fingers from eating, or you have a job where you have to wash your hands a lot (doctor, nurse, new parent, etc).

Rebasing is extremely handy when you have multiple branches being developed. Whenever a branch is merged, you rebase the other branches so that the merged feature gets pulled into each branch.

Then you haven't thought things through.

"Locks" like what is being suggested here is simply another point of failure on a system that is optimized to have as few failure points as possible. No one that knows anything about guns will willingly buy this.

There are people who get just as much satisfaction out of improving existing code as "feature" programmers get out of creating new features, both in the open source community and working for business.

If you identify the missing 10% and make it visible to those people, unless your process makes contributing painful or your code base is painful to work through, chances are someone will be willing to work on it, especially if they are directly impacted by it.

As an open source project, the best thing you can do to encourage people to help with the code is to make your codebase clean and readable and let people know what the issues are.

This seems suspicious to me. Can you provide a link that explains this in useful detail?

I think the term you're looking for is "opportunity cost".