You are viewing a plain text version of this content. The canonical link for it is here.
Posted to security-discuss@community.apache.org by Daniel Shahaf <d....@daniel.shahaf.name> on 2022/01/17 10:24:31 UTC
Analogies for open source (was: Re: Log4j vulnerability background)
Sam Ruby wrote on Sun, 16 Jan 2022 21:26 +00:00:
> On Sun, Jan 16, 2022 at 1:49 PM Dominik Psenner <dp...@gmail.com> wrote:
>> A good analogy could be electric cables interconnecting various components
>> so that they can fulfill their purpose, ie switches to turn on/off lights.
>> And hey, there are also pluggable components like power plugs where new
>> stuff can be plugged into. :-) What if someone could plug something,
>> unnoticed, with an adapter nobody thought of?
>>
>
> Unfortunately, I don't know of a good analogy for open source.
Interesting question. In open source, people give away their work
product gratis. That's only possible for goods whose cost of copying is
negligible (computer files, theorems, ideas) or that are abundant (air;
rainwater or wind in some places; sand on Arrakis; scrap wood at
a carpentry).
Also, open source can be done by anyone, but the major efforts are
actually a collaboration of experts from competitors, who lay aside
their commercial differences and interests.
So, ideas:
N tribes of hunters-gatherers, that live next to each other, having
a conference on spear design.
Math. Anyone can prove a theorem and get it published, but the people
who do are generally career academics. (It's easier in math because one
doesn't need lab equipment or specimen.)
Standardization. Go to any random IETF workgroup and you'll find
representatives of competitors working side to side to create something
together. (This helps avoid repeats of the Apollo 13 carbon dioxide
absorbers debacle, and ensures new standards are more like
email/batteries/PSTN and less like Facebook/Twitter.)
Emergency services. It's not unusual for two ambulance crews to work
side by side even if they aren't part of the same organization. You
could mention Hurricane Katrina, during which pilots were teamed with
rappellers they hadn't met before, but a simpler example is a car
accident on the shoulder of an intercity road. Someone will generally
pull over and render first aid — and people who do so are generally
trained in that. If two or more people pull over, they'll collaborate.
Any case in which opposing parties join forces to defeat a common foe.
For instance, in the _Ender's Game_ series, the world's nations lay
aside their differences to repel alien invasion. A real-world example
is <https://en.wikipedia.org/wiki/Olympic_Truce>.
Cheers,
Daniel
---------------------------------------------------------------------
To unsubscribe, e-mail: security-discuss-unsubscribe@community.apache.org
For additional commands, e-mail: security-discuss-help@community.apache.org