Wow, imagine a Beowolf Cluster of these!
I have to agree. You can't build a system that isn't ever going to be hacked. You can build a system using the best available practices that is very difficult to hack and put the most effective system possible in place to detect hacking attempts as early as possible. To a large extent, it seems that they did a respectable job in both respects. I'm sure that they can make improvements and will learn lessons from this. They are a well capitalized company and it is absolutely vital that they maintain credibility in this respect. The value of their service diminishes greatly if it is not secure. They simply can't be seen as ineffective in this matter.
I am especially impressed that they obviously had an effective plan together to quickly update client applications in the event that something like this happened. They pushed out updates for IOS and Android very quickly. They even updated Penultimate which was only recently integrated into Evernote. It seems like they had their act together as far as that was concerned.
They obviously need to stay on top of this game. I'd like to see two factor authentication and better not encryption options. I have my concerns about using Evernote, but I am still a pretty heavy user with over 6000 notes. So far, the benefits outweigh the risks. From what I have learned about this incident so far, I don't think that my appraisal of the cost and benefit will tip the other way. I hope that it stays that way because we don't learn anything new about this incident that seems careless or irresponsible, and because they continue to develop the product and improve the security.
I don't understand. If the guy who runs the company goes away usually it's fairly easy process (albeit longwinded and boring) to get a new general manager, CEO or whatever. Namesys isn't a public company, so they could name their Thanksgiving turkey the CEO.
It all depends on how the company is setup. For example it could be an S Corp with Reiser as the only shareholder. In that case, he is the company. There is no they to do anything. He may be the only one who can write checks, file taxes, etc. As for the Thanksgiving turkey, I hope that you don't think that it is that easy to run even a small company.
Theoretically, the employees could form another company and carry on that way. Obviously not everyone has the aptitude and intestinal fortitude to pull that sort of thing off.
Is Hans really that important to ReiserFS? Isn't this the whole beauty of GPL code, that there are thousands of people out there who can pick his work up without even involving him, Namesys etc., and continue the 'legacy'?
I think that this is part of the falacy of opensource. In theory you are right but something along these lines takes a highly qualified programmer focused on the task a long time to write and test. During that time the programmer needs food, shelter, clothing, utilities, insurance, transportation, computer equipment, etc. Start to work out the logistics for yourself. I'd love to work on it but I can't figure out a way to pay all of my bills while I am doing it. I imagine that I am not alone. I don't have enough spare time to work on it. I imagine that it would take quite a bit of time and effort to even get up to speed. When you start looking at the details, you are really lucky if your theoretical thousands doesn't in fact turn out to be one or two.
I think that when you look at any opesource project, you will find that there are maybe a small handful of people that are able to devote the time and effort to keep it going. Sometimes they get grants or sponsorships and sometimes they just don't mind being flat broke all the time. There certainly aren't thousands makeing really meaningful contributions. There is a small handful without whom the whole thing falls apart.