Consumers are not the ones providing OpenSSL, the vendors downloading and installing it on their vending systems, are. And so, it is the vendors who in fact should be afraid of lawsuits, not Robin or anyone else contributing to OpenSSL. But in any case, anyone is free to sue anyone else, the assumption is that the judging party understands what the usage license for OpenSSL implied. Which they are expected to.
If they had resorted to their area of expertise and simply used the malloc provided with the system, like all the regular chaps would do, even in their situation, the code would crash upon running (freed memory access) and the bug would surface already at New Years Eve 2012-2013 when Seggelmann was hopefully test-running it. So, even though indeed the code you quoted is the "bad bit", the real and broader issue probably is the teams questionable approach to development in general, in particular their false belief that someone writing a security library should consider themselves experts in rewriting heap management. Which ultimately cost them and their users. Sloppy sloppy.
This kind of practice of overestimating ones area of expertise - should be frowned upon everytime, for a good reason. We (developers) need to put it in our heads - not all algorithms are equal, and even though you and me may be prime experts at say, writing a perfectly safe implementation of SSL/TLS, we probably should steer clear of the stuff others know much more about, like heap, strings and what not. Time and again, someone comes along with the "brilliant" idea of "optimizing" the system heap allocator through caching memory blocks. True genius. No offense Robin, but WHY?! Yes, maybe the system malloc is slower than you'd like - still it is NOT YOUR PROBLEM. Division of responsibility, man. Let Glibc folks optimize malloc, or submit a patch THEY can review, if you have wonderful malloc improvement ideas.
Thing is, the people really behind the idea to wiretap any- and everybody, i.e. maintaining a big brother society, the people who have interest in this and the mindset to push for these ideas and carry them out - they see the state of the matter today as a hard won victory, decades in the making - and just as anybody who is afraid to loose their newly won property, they are afraid to loose it as well, and will not back down.
In short, getting to where we are with wiretapping today cost a lot of sweat and blood to these people, and the last thing they will allow is a step or steps in backward direction. The system as it is did not just appear out of nothing - a lot of folks have been putting a lot of hours into building it brick by brick, and they want their product to live on and return their investments. There are examples of far more benign ideas being pushed only because the incepting party wants ROI, end of story. This one however, is much more than just a lousy idea - it's a chance for a theocrat to see one of their dreams come to actual fruition.
Porsche 911: ~1300kg
Tesla Model S: ~2000kg
M4 Sherman: ~30000kg
I think you replied to the wrong post.
A bit Enders Game feeling to this...
Well, that's different. It's moronic to redesign things all the time, just to supposedly keep audience interest. Moronic. They could just change the stylesheets, if they knew their stylesheets from their content, of course. Instead they played dice with their entire userbase.
I thought people come here for content, not stylesheets?
The LG TV I turned on at my parens in law's place did exactly that - a dialogue in the lower right corner of the screen telling me that it needs/will upgrade itself promptly. I don't remember what I did then, but I remember being pissed about it!
Smart-TV concept is a ingenious strategy from TV makers to sell features to consumer when innovation doesn't sell or is lacking and when consumers are drowned in choice between TVs they can not differentiate between (except for the logo). I hate the concept, my parents in law seem to like it - they watch Netflix, even thought they have an iMac worth of hundreds of dollars in the other room, and could easily afford an AppleTV box anyway (they're fans of Apple and its products.)
3. Brightness per unit of distance - TVs give out far more brightness per square meter of illuminated area than a monitor. The dimmest plasma TV rivals the brightest monitors out there, and the newest and brightest LED LCDs that are sold in droves to the consumers today will burn your eyes out were you attempt to use them as monitor
1. Available sizes - far less choice of monitors above say 30", which is considered "small" for a TV
2. Different usage - TVs are meant to convey motion at the expense of still pictures (they usually do the latter adequately if not real well, however), while a monitor is basically for working, which puts ergonomy (read maximum brightness etc) at the top of priority list.
Besides, you don't get the market economy into account - we don't get the technology we geeks think is best - average users get the technology Ford thinks they will like - a TV that lets you watch Netflix, for one. Grandpa doesn't know his TV has a HDMI/Displayport input and that he can connect his laptop to it and browse the Internetz with a wireless keyboard/mouse combo. I do, and you do, but LG doesn't really consider us a big part of their intended buyer public. And this is how we have gotten to the point of applauding to the "brilliant" innovation of "smart" television.
Ford: "Behold, I give you the first in the world, a car with refrigerator!"
Public: "Woha, now I can refrigerate stuff while I drive!"
Geek: "Isn't it well, a car, with a refrigerator attached? I've had refrigerator installed in my car for years... What's new here?"
The thing is that, while you are absolutely right on all of your points, the main factor is image quality for intended usage - viewed from typical angular distance of 30-90 degrees or similar, TV of 30-55" size, first of all you will hardly find a computer monitor with sufficient luminosity/image brightness AND sufficiently little color distortion. Not to mention finding a computer monitor above 30" of size. Face it - not all of us watch movies from our working desk
The truth is, TV makers have gone a long way of making sure the image is stable and TV-worthy. Computer monitor makers go for a bit different goal - individual pixel clarity at the expense of brightness and motion stability (I don't think computer monitors do anything with motion anyway, which is however not a bad thing per se, mind you).
Bottomline is, we need screens that let us disable all of the often unnecessary image processing (usually found in TVs), while giving us luminosity and color gamut of a good modern flatscreen TV, which computer monitors mostly don't give us (unless you plan on using an Eizo or some other made-for-photo-editing monitor).
And I agree - make analog TV tuner optional, and DEFINITELY forfeit and abandon the whole Smart-TV concept - its a gimmick TV makers have found which lets them sell us features at the expense of lack of innovation. Real innovation lies in f.e. Philips MothEye tech., black levels and color gamut, horizonal and vertical angle viewing etc - the usual things normal people notice.
Want Smart TV? Connect a screen to a computer that runs something that people are used to (Windows, Linux, Mac OS X, etc), not a proprietary firmware capable of this but not that.
As soon as I read the line "...but can run most apps..." a feeling crept in that they most probably doing something wrong or had to make some hard compromises - just replicate the damn Android API, piece by piece, it is open is it not? "Most" today is a recipe for disaster - nobody likes almost working things. Jolla - talk with Google, certify Jolla as Android API compatible to a degree it is possible to actually "certify" for that kind of thing, and don't make yourself smaller than need be by stating "can run most apps". As a startup, you only have one shot at it, before you are shot back at - don't mess things up with inferiority in critical areas. Today it is not about hardware, it is about software - Android and iOS rule, and "most apps" means that you will win over "few" customers. Mark my word - unless you fix Androd compatibility, forget about it (and we will forget about you in 1-2 years.)
Maybe it is the new era of the industry - the likes of Steve Jobs forcing their will not only on the customers but on partners, subcontractors and even Apple board members, it seems that business leaders have recently got new hopes of being able to rule without having to listen to anyone. It's the grand decline of open source - as we now have closed source golden boys like Spotify, Android, Instagram, and whole app markets full of more or less polished apps, it seems that in many knowledgeable peoples eyes, open source has lost the battle. By virtue of demonstration, anyone can see that open source not always brings about the best product in desired time frame. So maybe Mark Shuttleworth had an epiphany ala Henry Ford - "F*ck users - what do they know anyway?! The forums are full of whineys, and Steve Jobs was maybe cruel but he made the apple golden again. F*ck users - Ima do it my way and show all of them how it is done." Whether he is the type to actually pull it off, remains to be seen.
Well, wouldn't it be cheaper if they instead had an air pocket inside, so they'd flow up to the surface for "factory recall"?