Much better, now the bias is removed. :) Finally.
SIGH! If you take a look at /talk I've linked to the source code of the commercial version. The code is open for everyone to read and validate. The licence doesn't really matter for security, as long as the code is available.
The claims made by Lee Daniel Crocker is _biased_ (!)
I made no claims whatsoever. I
reported that what
OpenSSH folks claim--and they really do claim this--that openness is important to security. That's a simple statement of fact, that a certain group of people make a certain claim. That's true, unbiased, and I think relevant and important to the article. Whether or not the claim is true is a side issue--if you want to say something about that, go ahead. --
LDC
He may have a point though, e.g., if the SSH licence doesn't permit distribution of patches or versions with security fixes applied.
===
From the licence:
"except that You may create patches, bug fixes and additional features and bundle or distribute the Software with certain operating systems as specified above;"
You are explicitly allowed to create and bundle with patches.
STOP deleting the openness=security claim, dammit. The claim is made, it's important, and it should be reported. I'm glad that you
also want to criticize the claim, but stop deleting it! As evidence for the importance of the claim, I quote exactly from the
first item on the "features" page of
OpenSSH:
- Open Source Project : The OpenSSH source code is available free to everyone via the Internet. This encourages code reuse and code auditing. Code review ensures the bugs can be found and corrected by anyone. This results in secure code.
This is the very first feature they think is important to mention, and it the reflected in the very name of the product. This is relevant and significant and needs to be in the article. --LDC
The way its written now is excellent, the way it _was_ written didn't refere to the
OpenBSD developers claim at all.
![[Home]](wikipedia.png)