Is Code Auditing of Open Source Apps Necessary? 108
An anonymous reader writes "Following Sun Microsystems' decision to release a raft of open source applications to support its secure cloud computing strategy, companies may be wondering if they should conduct security tests of their customized open source software before deployment. While the use of encryption and VPNs to extend a secure bridge between a company IT resource and a private cloud facility is very positive — especially now that Amazon is beta testing its pay-as-you-go private cloud facility — it's important that the underlying application code is also secure. What do you think?"
Re:Yes. (Score:5, Funny)
No shit. I don't understand how this got to be a story. What's next, "Should Engineers Who Design Bridges Demonstrate Competency Before Thousands of Automobiles Drive on Those Bridges?"
No.
They should pass an accelerated three month course on how to mix cement, then spend six months mixing cement for 300$/month and then change jobs saying in their CV that they have five years of experience in construction. Only then they're ready to apply their experience to design a bridge.
When the first car goes over it and falls to its demise, they're just have to patch the bridge.
After a couple of years and innumerable patches, the bridge, now essentially a pile of cement over a chasm, will finally stop dropping more than a couple cars per day to the void. At that point, the engineers are ready to find a management position.
Monty Python Engineering (Score:1, Funny)
King of Swamp Castle: When I first came here, this was all swamp. Everyone
said I was daft to build a castle on a swamp, but I built in all the same,
just to show them. It sank into the swamp. So I built a second one. And that
one sank into the swamp. So I built a third. That burned down, fell over,
and then sank into the swamp. But the fourth one stayed up. And that's what
you're going to get, Son, the strongest castle in all of England.
Re:Flip the question. (Score:3, Funny)
Has anybody sued MS and won because there was a bug in their product?
Of course not. Everyone knows that MS products don't have bugs.
Re:Monty Python Engineering (Score:4, Funny)
King of Swamp Castle: When I first came here, this was all swamp. Everyone
said I was daft to build a castle on a swamp, but I built in all the same,
just to show them. It sank into the swamp. So I built a second one. And that
one sank into the swamp. So I built a third. That burned down, fell over,
and then sank into the swamp. But the fourth one stayed up. And that's what
you're going to get, Son, the strongest castle in all of England.
That sounds a lot like the development history of Windows.
Re:Monty Python Engineering (Score:5, Funny)