John Stoffel writes:
What makes anyone think that closed source model is any better? Just look at the number of patches Microsoft, Oracle (Java) and Adobe have to release for their products all the time. If they were so much better, why do they supply so many patches?
I certainly do NOT think the closed source model is better. Anyone who knows how I work will know the extent to which I believe this. But it is also truthful that all these "events" --heartbleed, the bash problem, and now TLSv3 (oh yeah, it's called "POODLE") is adding to the FUD. The fact that I can look at sourcecode tips the balance in favor of FOSS for me certainly, and I assume for most people on this list. But that doesn't change the fact that the questions are out there. So people using/running FOSS in a non-hobby environment should be prepared to answer questions about it if we consider ourselves to be advocates. I don't think FOSS confidence is a silly discussion item for this group. --MCV.