So the HP guy comes up to me (at the Melbourne conference) and he says, 'If you say nasty things like that to vendors you're not going to get anything'. I said, 'No, in eight years of saying nothing, we've got nothing, and I'm going to start saying nasty things, in the hope that some of these vendors will start giving me money so I'll shut up'.
Theo de RaadtI think it is astounding that people could argue for "you just must trust someone else to fix it" instead of "you could fix it yourself, or hire someone to fix it." There is a contractor base out there that can solve these problems as well as or better than the major vendors could. But I think the major vendors are still having more luck at getting the ear of the press.
Theo de RaadtI actually am fairly uncomfortable about it, even if our firm stipulation was that they cannot tell us what to do. We are simply doing what we do anyways - securing software - and they have no say in the matter. I try to convince myself that our grant means a half of a cruise missile doesn't get built.
Theo de RaadtI work on OpenBSD fulltime, as the project leader. I set some directions, increase communication between the developers, and try to be involved in nearly every aspect of the base system.
Theo de RaadtLinux has never been about quality. There are so many parts of the system that are just these cheap little hacks, and it happens to run.
Theo de RaadtI don't know if there's enough vision. Industry wide, the apathy regarding this recent problem is already setting in - shiny things are happening elsewhere, people are forgetting.
Theo de Raadt