The (lack of) constraints on who can see the code is not the only difference. There's another difference, that for some reason gets explicitly denied as a difference by the preceding anonymous coward:
I would, in fact, expect that the passion and interest of coders in the open source world is actually far greater on average than in the closed source world, rather than exactly the same as the anonymous coward suggests. I have met many "professional" coders who write closed source software for some part of their typical eight hour workdays, and never think about code outside of that time if they can avoid it. Many of them hate coding, in fact, but do it for the paycheck, then go watch American Idol in the evenings and try to avoid having anything "boring" like computer programming intrude on their off-time.
Open source developers are the people who are interested and passionate enough about what they do to do it on their own time, or even to seek out jobs where they're allowed to contribute to open source projects on company time. That takes more dedication and honest interest in producing something good than just working in a cubicle for eight hours a day where they honestly couldn't give a shit whether what they were doing was writing code or picking their noses, as long as the paycheck keeps coming in.
Thus, I think there are some distinct benefits to open source software above and beyond the mere fact that given enough eyes, all bugs are shallow.
So, yeah . . . your second paragraph, only more so. That's my opinion.
PostGRES
Are you sure you don't mean PostgreSQL?
Remember that most programmers are far from half as good as the Linux coders, and thus should avoid writing code as much as possible.
FTFY
Only if they're actually is sufficient enough people looking at the code. OpenSSL proves that there isn't.
It's difficult to get enough eyes on the project when its design is such a mess that people who take a look at it have no idea what they're seeing.
Every major TLS software package available is crap, from what I've seen. OpenSSL only "proves" that with a sufficiently hyped marketing campaign, a bug in one package can ruin its reputation relative to others with similarly bad security issues that did not get the same marketing. In some respects, it could be argued that the recently discovered bugs in GnuTLS and Apple's TLS code were actually worse than the heartbeat feature's bug in OpenSSL, if only because the kind of coding stupidity that produced those bugs would almost certainly never have been made by someone who would even be capable of fixing the OpenSSL bug, while the OpenSSL heartbeat bug (aka "Heartbleed") is basically just a mistake made by an at least marginally competent coder.
So, take your pick: "Heartbleed", a bug introduced as a possibly understandable mistake by an at least marginally competent coder, but comes with tremendous marketing hype -- or the GnuTLS and Apple bugs of the "we check to make sure it's a verified connection, but then do nothing about it when it's not verified", which are the kinds of errors that require the relevant coders to actually be incompetent, drunk, or otherwise so out of whack that it makes those of us who understand the problem scratch our heads and wonder how that could ever possibly have happened, but did not come with tremendous marketing hype, so nobody really thinks about the shaky ground on which they're standing when using that software.
The key fact to keep in mind, though, is that basically every major, widely used TLS package in the world (open source or closed) seems to be rickety garbage mostly maintained by manifestly unqualified programmers. Worse, many of them don't seem to realize they're unqualified. OpenSSL appears, from what I've seen (which admittedly isn't enough to be sure of my conclusions), to be at least slightly less awful than Apple's, GNU's, and Microsoft's equivalents, but even optimistically it is the best of a bad breed. There is one ray of hope here, however: some people in the OpenBSD project have undertaken the herculean task of forking OpenSSL and rehabilitating it. Given the relatively high density of people with secure coding skills in the OpenBSD developer community, and the OpenBSD project's practice of performing extensive code reviews, as well as the early evidence that these guys are doing what it takes to make a good TLS package out of OpenSSL -- throwing away huge swaths of unnecessary code and cleaning up some horrendous bugs that have been around forever -- I have high expectations, assuming the fork project doesn't die before reaching stable release state.
Has it ever occurred to you that despite having done some things wrong the Linux world has developed some very solid technology and BSD might, just might, benefit from pulling it's head out of the sand adopting some of them.
What are you talking about? FreeBSD makes use of Linux-based technology all the damned time -- just as soon as it can port it (because for some reason Linux developers are increasingly hostile to software portability) or reimplement it (because the Linux community seems inextricably wedded to using licenses that create compatibility problems with other licenses, thus making it illegal for BSD Unix projects to use the original implementations). The fact not all technologies are deemed worthy for adoption does not mean that all Linux-based technologies are avoided just because they came from the Linux world, y'know.
You can't have rational conversations with people who think the word "bloat" belongs in a discussion where the difference is like a meg.
I'm not sure it's possible to have a rational conversation with someone who makes comments like that as though intentionally creating a rift between participants in discussion as a pre-condition for conversation.
Hell last I checked BSD's still come with vi and not vim out of the box.
Vim potentially creates licensing problems for BSD Unix base systems.
Is there any legitimate justification for the fact I have a more capable tar out of the box on a Linux system than BSD?
citation needed
Also . . . licensing.
The Linux world has it's problems and if you use the cutting edge stuff you will have some glitches here and there. But at least it is doing SOMETHING. Those glitches will be worked out. Some things will be discarded in time others will stabilize into solid technology.
. . . by which point it will have already been deprecated in the community at large by something else half-created that is buggy and problematic. Some Linux distributions will of course be resisting the sudden jump to a new, unfinished replacement for the last unfinished replacement, but they'll have problems because other things that they want to use will jump to dependence on the new, unfinished toy.
BSDland is doing a whole lot of nothing and calling it a feature
I guess we can ignore all the stuff being created in "BSDland", including stuff that keeps getting ported to "Linuxland" because the Linux developers were too busy building half of something and making it technically very difficult to port to BSD Unix systems.
most of the software running on BSD is developed in projects that are cross platform because it is easy to be but those projects exist and thrive because they run on Linux not because of BSD.
Say what? I suppose new capabilities of, say, pf "only exist and thrive because they run on Linux not because of BSD", even though pf isn't portable to Linux. Right? Then, of course, there's the BSD ACL framework on FreeBSD that is widely regarded as being as capable as SELinux and easier to use. I think you just don't know what the hell you're talking about.
BSD has some nice technology but the only reason it continues to exist and talented people waste effort developing that technology there instead of on Linux (where more people will benefit from it) is because some people who felt l33t running a hard to use Linux in the 90's hated Linux going mainstream and because nostalgic old UNIX admins still perpetrate the myth that it is more stable/secure/somehow betterer because much of it originates from the old UNIX(TM) code base.
. . . or maybe you're just an OS bigot, and what you're saying is complete claptrap.
Of course, thanks to SCO we all know that any of that code that was worth having migrated into Linux a long long time ago.
You're kidding -- right? If it was true, SCO would have won its case rather than descending into blood-smeared bankruptcy, its CEO living in infamy with his reputation worth a bucket of feces, its shareholders' stock portfolios decimated, and its name a ludicrous joke.
It's a shame. If there wasn't so much resentment and hate there could be more collaboration between two communities that really should be staunch allies.
I agree. Why are you so resentful and hateful?
I've just noticed that whenever someone asks if FreeBSD has a feature that is already in Linux or if someone asks how they can do action ABC on FreeBSD that they do on Linux, the result is typically a flame fest. People in the FreeBSD community often use their hatred of Linux to defend their own lack of progress.
I haven't really seen that on the mailing lists and in IRC. Maybe what you observe is a problem with the forum, specifically.
Which you comment, appropriately enough, demonstrates.
I think this statement of yours demonstrates that you're just looking for reasons to hate FreeBSD users.
- a *lot* of times a software gets a new version and the ports skip it. So you install mediawiki 1.18.1 and then update to 1.18.4. (just an example).
That's not the fault of the ports system. That's the fault of the maintainer of that specific port.
- patch backport: I really hate backporting of patches. so sometimes you have version 1.1 of a software and then you get version 1.1_1 which is actually almost 1.2. never liked it, I prefer the vanilla software.
That's kind of a strange gripe. Are you really complaining about how version numbers are represented?
- there *are* software conflicts. Try to install a couple of things that requires icu and keep them up to date. most likely you will not be able to update une of the packages 'cause it doesn't work with the old/new version of icu. Avahi still requires icu 3.8, guess what, it's not in the ports anymore.
It was stated that software conflicts are rare -- not that they never happen. They happen for every software management system, including those used by popular Linux distributions and what we might, with a laugh, call a software management system on MS Windows. Such is life.
Thus spake the master programmer: "After three days without programming, life becomes meaningless." -- Geoffrey James, "The Tao of Programming"
