I'd probably have more faith in someone paid for their respective coding skills than some bloke/blokess sitting in a basement working for nothing. But what do I know?
Agreed. The OP's article actually gives me more faith in the Linux kernel. I think it's only human nature, that unless it's paid work, a sustainable development is not guaranteed.
I suppose this would be more relevant to users of the latest kernels, but a large majority of Linux users are using older kernels and some Linux forums would seem to suggest that updating the kernel is not always required.
Yeah, not new news at all. But as I've said before on here, Linux and BSD have both received funding from all sorts of government programs and corporations (and they use BSD/Linux themselves). And so is the very computer hardware Linux runs off. Why? Because that's where the funding and resources are - in government and corporation funding. It's just a fact of things. If you try to black/white view it as "the man" you're going to end up not using any computers. https://en.wikipedia.org/wiki/Colossus_computer or the Internet itself, or the Tor network - it's all funded. It's not always a conspiracy, it's just an imperfect reality.
Usually the guys working in their basements are doing it as a labor of love and are trying to produce high quality code to impress their peers in the circle of developers they correspond with and work with. I know this because I have been there. We produce code for a project, we all look at each other's code, we look for mistakes in each other's code and look for ways to improve it. When the developer is on salary he codes what he is told to code; if those paying the wages don't want everyone spending time going over each other's code looking for ways to improve it, they don't. If those funding the project require weakened security because they have ulterior motives, or are influenced by those with ulterior motives, weakened security is what they get. Coder creates great code, excellent security algorithm, project manager calls him into the office: look, that's great, but we can't have the entire protocol encrypted, the choice of ciphers has to be transmitted in plain text. Coder says, but why? That's not as secure as mine. Project manager says it doesn't matter if it is secure or not, that is what we have been asked for, and they are paying our wages so that is what we are going to give them. Disgruntled coder goes back to his computer and makes the changes.
I'm starting to re-evaluate my opinions on Linux trustworthiness. Google can now be considered untrustworthy IMO, and their personnel have contributed a lot of code to the Linux kernel and userspace. Perhaps FreeBSD or NetBSD would be a better bet just by virtue of less corporate contributions; or OpenBSD, from the standpoint of actual code auditing etc. Edit: not to say that Linux is definitively less trustworthy than Windows/OSX/etc. I'm just starting to think it's not necessarily more trustworthy, either.
The article is spreading awareness but the title may create a sense of doubt... unnecessarily. 1. Money can be the root of evil but money is also the reason why we see progress. Without funding, Linux would not be where it is today. 2. I can understand the reasoning behind anti-corporate sentiments but not when it clouds people's judgment to the point where it becomes absurd. Feel free to hate corporations all you want because corporations often do stupid things. However, do not fall under the trap of putting the individuals as equally untrustworthy. They are not the same thing. 3. The article failed to touch on the difference between open-source software & free (libre) software. If your security/privacy/anonymity needs dictate that you cannot trust any form of non-free or proprietary code/firmware, there is the Linux-libre kernel.