Why Would Fedora be Free ? Can it be Trusted?

Chalonec Roger Chalonec.Roger at pbgc.gov
Wed May 12 15:23:31 UTC 2004 

Ben,

Thanks for your response.  I found it informative, helpful ,and amusing
where meant to be.  I am gathering information to provide answers to my
colleagues and this has been very helpful as have all the messages I
have received from the other "altruists" on the forum.  I have even
helped a little bit myself I hope.  Regarding the vetting of the
software by Redhat, another part of this thread pointed me to
http://fedora.redhat.com.  Very useful information on this sight though
it lacks some of the insight you have provided.

Thanks again all... 

-----Original Message-----
From: fedora-list-bounces at redhat.com
[mailto:fedora-list-bounces at redhat.com] On Behalf Of Benjamin J. Weiss
Sent: Wednesday, May 12, 2004 8:58 AM
To: For users of Fedora Core releases
Subject: Re: Why Would Fedora be Free ? Can it be Trusted?


From: "Chalonec Roger" <Chalonec.Roger at pbgc.gov>
> All,

I'm not the expert, so the replies below are merely my opinion...

> I am looking at using Fedora at my work and some people are asking the

> following questions or have the following concerns that I did not know

> how to answer:
>
> 1.  Why is fedora free and why would people work on it for free?

There are multiple answers to this one.  Linux Torvalds wanted to create
a version of Unix that would run on a PC, that everybody could use for
free (as in no cost). Because he was an altruist he believed that it
should be Free Open Source Software, which means that anybody in the
world could look at the code and modify it for their own purposes,
provided that they then offered their work back to the community.  Why?
I believe that it's because there are just some people who enjoy helping
and sharing more than making a lot of money.  That's one reason why I
used to volunteer for the Red Cross and am now in the National Guard.
Not everybody's motivated by money.

>2.  Some people are concerned that since Fedora is open source that 
>they  don't know where the software comes from so they can't trust it.

>How  can they trust it?

I've seen this argument recently, and while it sounds good, I can't find
any serious logic behind it.  If this were the case, then Microsoft's
Windows would be safe.  We all know that is not the case based on the
myriad exploits/worms/virii/etc. that currently plague the windows
world.

Also remember that Fedora is only a *distribution* of linux.  The linux
kernel is overseen by Linux Torvalds and his kernel team (I wish *I* was
that smart!), and I'm pretty sure that he watches that code about as
closely as a mother cat shepherding her kittens through a dog show. :)
All of the other software are packages maintained by their respective
teams.  However, each software package is also monitored by distro teams
who backport security fixes, etc.  So while it's possible that somebody
might be able to slip in a piece of malicious code, it would almost have
to be a majority of the team members of a certain package, and it would
most likely be quickly picked up by a patch team somewhere.

> 3.  How are updates to Fedora vetted and accepted?

Sorry, I don't know this one.

> 4. Does Redhat have any involvement with Fedora?

Yes, they provide a great deal of resources to the project.  Their web
site claims that Fedora is a sort of "test bed" for technologies before
they make their way into RHEL, though they're giving control of the
project back to the community.

> 5.  Does Redhat use the same processes in "controlling" fedora quality

> and
releases as it did
> the free versions of Redhat?

I don't know this one either.

> 6. Ostensibly Redhat offered free versions of Redhat Linux because 
> they
could make a profit on support.  Now Redhat
> has built a market and Redhat is no longer free.  What is the profit 
> motivation of the Fedora group and persons/orgs who make software 
> contributions to it?  (By the way, there is nothing wrong with 
> profit.)

Well, the profit motive for RedHat sponsoring the project is that they
get a test bed and an enthusiastic test community for software that will
make it into RHEL.  For the rest of the Fedora community, there simply
*isn't* a profit motive.  I don't think that profit is evil or anything,
though some people can be so motivated by greed that they lose all sense
of morality
(*cough* Bill *cough* Gates *cough*).  But take a look at this list.
None of the folks here are paid to help others, they just do it because
they love Fedora and linux and want to help others join the club.

One final word about security.  I've heard a lot of folks trying to
claim that linux isn't secure.  However, if that's the case, ask them
about how many linux worms and virii have plagued the internet as
opposed to ones that run on Windows.  Then when they make the claim that
this is because windows is in much more use than linux, ask them how
many worms have swarmed across the net that used  Apache (which runs
about 70% of the web) as opposed to Microsoft's IIS.  We call this
"empirical evidence", and linux wins hands-down.

> Thanks,

> Roger

You're welcome!

Ben


-- 
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

More information about the fedora-list mailing list