I don’t know who is downvoting me but why don’t you take a moment to educate yourself on the history of heartbleed, in a piece of infrastructure far more critical than a browser used by a few hundred thousand people. It’s an example of the thing missing from most of the analysis about open source: the time scales involved. It was caught by volunteers. It was also caught 3 years after it was in the wild. It took the better part of a decade to get most servers operators to fix their shit. Yes, open source allows this to happen. But ten years is a long time.
I don’t know who is downvoting me but why don’t you take a moment to educate yourself on the history of heartbleed, in a piece of infrastructure far more critical than a browser used by a few hundred thousand people. It’s an example of the thing missing from most of the analysis about open source: the time scales involved. It was caught by volunteers. It was also caught 3 years after it was in the wild. It took the better part of a decade to get most servers operators to fix their shit. Yes, open source allows this to happen. But ten years is a long time.