[offtopic] Coverity . . .

Albert Astals Cid aacid at kde.org
Wed Apr 19 19:27:41 BST 2006


A Dimecres 19 Abril 2006 20:18, Kuba Ober va escriure:
> > I wouldn't worry about how Coverity decides to market and expose their
> > product, unless it affects KDE.
> >
> > That's how I see it.
>
> Sure. I just think that while what they are doing with analysis and all
> might be perceived as "mostly good thing", there's a little spin to it.
> Just wanted to keep it in a fair perspective.
>
> BTW, it does affect KDE since they indirectly use KDE as their marketing
> tool (see e.g. scan.coverity.com). The mentioned page is a page of "pure
> facts", sure, but just like media use facts to spin things their way, so do
> most other marketing campaigns. Coverity is no exception here.
>
> Heck, they actually end up posting security holes as their news releases
> (say the X.org privilege escalation hole). One could bet that in a few
> months KDE might end up in one of their PR releases. Those are pure
> marketing devices, no one would bother with them otherwise.
>
> Besides, they are not even doing it for free. There's a contract with DHS
> involved, so one supposes they got decently paid for their efforts.
>
> So what this all boils down to is that not only OSS projects like KDE end
> up being indirectly used by Coverity as marketing devices, Coverity got
> *paid* for all that. I'm leaving aside the question of why DHS (thus U.S.
> taxpayers) are in effect paying for Coverity's marketing.
>
> If someone still insists this doesn't affect KDE, 
It affects KDE, we have better code at no cost.

Albert

> then I don't know what 
> does. The next step would be MS re-posting Coverity's PR to give a positive
> spin on the "security" of Windows . . .
>
> Is there a better kde mailing list to move this thread to?
>
> Cheers, Kuba

		
______________________________________________ 
LLama Gratis a cualquier PC del Mundo. 
Llamadas a fijos y móviles desde 1 céntimo por minuto. 
http://es.voice.yahoo.com





More information about the kde-core-devel mailing list