× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I concur on all of this.

My manager sees me in the flesh (yes, yes, clothed, of course!) I survived
the interview, I dress appropriately, shower every day, brush my teeth, and
have shown my skills through the projects I've worked on. In this
particular job, I even had to pass a background check.

For all my manager knows, Thomas Raddatz could be one of those hacker rats
who hasn't seen daylight for two months, exploiting a leak somewhere that
no one else has (yet) detected, and has managed to funnel millions of euros
into a Swiss bank account.

Of course, you and I understand that's not true. But the context is in the
first five words of that previous paragraph. As a manager, he has a
fiduciary duty to protect the assets of the company, so he necessarily
takes the worst case scenario with the information he has, which, in this
case, is almost zero. You and I and others here have had the luxury of
rubbing elbows with the elite of the IBM midrange world here at midrange.com,
and I would like to think that *someone* here has reviewed the source code
and "vetted" it. (In fact, someone has privately contacted me to let me
know his company has done just that.)

- Dan


On Wed, Mar 11, 2015 at 3:43 PM, <MichaelQuigley@xxxxxxxxxx> wrote:

Buck,

Thanks for sharing this. What a great answer when people question using
open source software. Managers do implicitly trust in-house developers.
Are open source developers trustworthy? Well, they're willing to subject
their code to the prying eyes of anyone who'll care to look--perhaps
thousands of people. I'll keep this in mind next time I want to propose
using open source.

Michael

Oh my, I've partaken in the vain slaughter of many electrons!

"WDSCI-L" <wdsci-l-bounces@xxxxxxxxxxxx> wrote on 03/11/2015 01:00:03 PM:
----- Message from Buck Calabro <kc2hiz@xxxxxxxxx> on Wed, 11 Mar
2015 11:59:25 -0400 -----

To:

wdsci-l@xxxxxxxxxxxx

Subject:

Re: [WDSCI-L] Might be getting 1-day admin privileges to PC; what to
install besides iSphere?

On 3/10/2015 4:56 PM, Dan wrote:

I'm not sure whether I'll be asked, but have either the iSphere or the
RPGUnit plug-ins been "vetted", officially or unofficially "blessed"
by
IBM? I trust the people on this list, and am sure these plug-ins pose
no
security risks, but they are pretty tight around here, and I'm not
sure
whether anyone else here has already "officially" vetted any plug-ins
for
RDi.

This is a great question in the age of open source software. I was
first asked it perhaps 10 years ago when I wanted to use CGIDEV2 in
production software.

My answer back then: 'We do not have a certification process for any
software, including our in-house RPG. We do not - and perhaps can not -
certify our RPG to meet specific security and supportability criteria,
not the least because there ARE NO security and supportability criteria
to be met.'

This of course is a non-answer to a manager. Managers implicitly trust
their developers to write their code 'properly'. They have no such
faith in developers they have never met. I don't think there's a good
answer beyond 'Do you trust me personally?'

In the case of these particular plugins, the enhancements are to RDi
itself. They don't connect to the database; there's no back door SQL
injection risk, etc. They enable a developer to develop better by
allowing him (me) to think better. If for some reason, iSphere were to
crash horribly, I'd be back to the bare bones RDi. Business continuity
would be completely unaffected.

--
--buck

As usual I have slaughtered many electrons in vain.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.