Hacker News new | ask | show | jobs
by statictype 1482 days ago
I feel like security bugs are in a class of their own and need different ways of thinking about them.

If you leave aside security bugs, is Linus’ law still invalid?

Any reference to any material on this?
2 comments
pvg 1482 days ago
https://ai.googleblog.com/2006/06/extra-extra-read-all-about...

But more importantly, it says 'all bugs' not 'all bugs except for these other bugs which would make the whole thing untrue'

link
tptacek 1481 days ago
It's still not true if you leave security bugs out. It's basically never true except for a thin class of superficial bugs --- the bugs you'd intuitively expect to get diagnosed get diagnosed, but nothing else does.
link