One good example of the problem with his "technical" works and his lack of actual experience with the things he likes to talk about so much, is that he makes and promotes outrageously incorrect claims like:
Given ANY number of eye, "all" bugs are NOT shallow.
Some bugs are NEVER "shallow".
And only a FEW eyes are qualified to see some bugs, while MANY eyes are totally unqualified, including his own:
His mouth is certainly not qualified to make sweeping generalizations about "all" bugs, given his lack of experience as a programmer, and his spectacular public failure at auditing code in his pathetic attempt to discredit the now-exonerated scientists whose code predicted global warming (described below).
Neither "enough eyeballs" nor "the right eyeballs" are a GIVEN, even for open source software.
"Not enough eyeballs" (or "ZERO eyeballs" as he loves to claim) are NOT a GIVEN for proprietary software, because you can license much proprietary source code, and some proprietary source code is available for you to read and audit for free, under licenses like Microsoft's "Shared Source" license.
And qualified eye balls are NOT FREE, and usually very busy being well paid to look at much more interesting things than poorly written buggy code like OpenSSL. I doubt that Eric Raymond has contributed any of the profits from his books or VA Linux stocks to Theo De Raadt or anyone else who actually takes the long time and tedious effort to actually audit code.
Wikipedia points out:
>In Facts and Fallacies about Software Engineering, Robert Glass refers to the law as a "mantra" of the open source movement, but calls it a fallacy due to the lack of supporting evidence and because research has indicated that the rate at which additional bugs are uncovered does not scale linearly with the number of reviewers; rather, there is a small maximum number of useful reviewers, between two and four, and additional reviewers above this number uncover bugs at a much lower rate. While closed-source practitioners also promote stringent, independent code analysis during a software project's development, they focus on in-depth review by a few and not primarily the number of "eyeballs".
And then there's the fact that Eric Raymond had the nerve to name and blame the "law" on Linus instead of taking "credit" for it himself.
And of course he also has the nerve to attempt to defend his "law", after we've just gone through three HUGE security holes in open source software that would have been discovered long ago, if only "Linus's Law" were true. On his blog, he constructs a straw man argument that "proprietary software is worse than open source software", which does not in any way support his claim about "all bugs being shallow".
Nor does he address many of the valid points that people raise, in the wikipedia article itself I just quoted, or that people raised in response to his blog posting.
To quote Theo De Raadt: “My favorite part of the “many eyes” argument is how few bugs were found by the two eyes of Eric (the originator of the statement). All the many eyes are apparently attached to a lot of hands that type lots of words about many eyes, and never actually audit code.”
The little experience Raymond DOES have auditing code has been a total fiasco and embarrassing failure, since his understanding of the code was incompetent and deeply tainted by his preconceived political ideology and conspiracy theories about global warming, which was his only motivation for auditing the code in the first place. His sole quest was to discredit the scientists who warned about global warming. The code he found and highlighted was actually COMMENTED OUT, and he never addressed the fact that the scientists were vindicated.
>During the Climategate fiasco, Raymond's ability to read other peoples' source code (or at least his honesty about it) was called into question when he was caught quote-mining analysis software written by the CRU researchers, presenting a commented-out section of source code used for analyzing counterfactuals as evidence of deliberate data manipulation. When confronted with the fact that scientists as a general rule are scrupulously honest, Raymond claimed it was a case of an "error cascade," a concept that makes sense in computer science and other places where all data goes through a single potential failure point, but in areas where outside data and multiple lines of evidence are used for verification, doesn't entirely make sense. (He was curiously silent when all the researchers involved were exonerated of scientific misconduct.)
Eric Raymond's standard technique is to stonewall and ignore valid criticism, while viciously attacking his critics. You can see that behavior consistently applied in most of his blog postings, comments, public statements and publications.
An archetypical example is his mean spirited name-calling defense of Russell Nelson, who was acting as President of the Open Source Initiative, a position that Raymond had just been kicked out of because his divisive in-fighting and life-long jihad against Richard Stallman was embarrassing them and damaging their reputation -- Russell was his replacement: OOPS!
After having been appointed President, Russell Nelson posted a blog entry entitled "Blacks are lazy", which of COURSE drew a lot of criticism, because it was obvious race baiting, and riddled with logical fallacies and racist bigoted presumptions. Russell expressed that it was "poor writing" and withdrew the blog posting, and resigned his position as President of the Open Source Initiative.
The original blog posting can be seen in the comments section of his wikipedia page, so you can draw your own conclusions:
Russell agreed with his critics that his blog posting was wrong -- although as to HOW wrong, he still disagrees with most critics, and he's generalized his argument to "everyone is lazy" and has characterized the criticism of him as "slander":
So, now that I've explained the background, I will demonstrate what I mean by how Eric Raymond typically constructs his arguments to support his political agenda, by ignoring valid criticism and turning it around on the critic by calling people names:
Even though Russell agreed the article was badly written, took it down, and voluntarily resigned, Eric demanded that OSI not only SUPPORT Russell, but waste their precious money, time, energy and reputation FIGHTING a BATTLE based on his own extreme right-wing libertarian "principles" against Russell's critics (who he called "FOOLS" and "THUGS"), which had NOTHING at all to do with open source software:
“The people who knew Russ as a Quaker, a pacifist and a gentleman, and no racist, but nevertheless pressured OSI to do the responsible thing and fire him in order to avoid political damage should be equally ashamed,” Raymond said. “Abetting somebody elses witch hunt is no less disgusting than starting your own.”
"Personally, I wanted to fight this on principle," Raymond said. "Russ resigned the presidency rather than get OSI into that fight, and the board quite properly respected his wishes in the matter. That sacrifice makes me angrier at the fools and thugs who pulled him down."
Since both Eric Raymond and Russell Nelson lost their leadership positions as President of the Open Source Initiative because of their bigoted, racist, divisive and very public beliefs, you can guess which side of the Brendan Eich controversy they came down on:
"My first thought on hearing of the resignation of Brendan Eich as CEO of Mozilla: Congratulations, gay activists. You have become the bullies you hate." -Eric Raymond
And this from the same self avowed "cheerful gun nut" who threatened Bruce Perens:
"Damn straight I took it personally. And if you ever again behave like that kind of disruptive asshole in public, insult me, and jeopardize the interests of our entire tribe, I'll take it just as personally -- and I will find a way to make you regret it. Watch your step."
Anyway, back to the criticism of TAoUP and Raymond's other technical claims to fame and self aggrandizing Autohagiography:
Everything he writes is deeply tainted with his one-sided partisan ideology and narcissistic self promotion, which is not just limited to Microsoft bashing, but to extreme right wing libertarian politics and guns. You can see that by the changes he made to the "Hacker's Dictionary", and you can see that in everything else he writes.
I've posted some typical reviews of the book in the other message.
Well thank you for taking the time to give critique. I was hoping to return to the book at some point and work through the suggested readings in more detail. I will definitely approach it with more caution a second time round and even more so when recommending it to others.
As an aside, how do you know so much about Mr Raymond? :) That's an awful amount of very specific detail.
It's pretty well known stuff in the Free Open Source Software Dramatic Political Soap Opera Scene, since he always tries so hard to get attention by writing outrageous bullshit on his blog and throwing tantrums on mailing lists, like this: http://www.redhat.com/archives/fedora-devel-list/2007-Februa...
I've known Eric Raymond and Richard Stallman since the 80's, and I can confirm that Raymond has always been that way, isn't anything like the "hacker" he claims to be, and instead of writing or auditing code, he has made his career by self aggrandizing himself and tearing down Richard Stallman, who is and will always be a much better and more successful person than he is.
But the he got even crazier, and went off the deep end after 9/11.
His "many eyes" law that he shamelessly promotes has given many people and organizations a false sense of security in open source software, and that's led to many huge commercial corporations taking the free stuff without contributing any money or time back, and building all kinds of critical internet infrastructure on top of software like OpenSSL. And you know what that led to.
When he claimed that the mean old gays were bullying poor Brendan Eich, and his friend Russell Nelson took up and defended his argument, it made me recognize a pattern that explains their motivation very well:
Eric Raymond and Russell Nelson and Brendan Eich all served as the head of major free open source software companies: Eric Raymond was the first president of the Open Source Initiative, Russell Nelson was the second taking over when he resigned, and then resigned himself shortly thereafter, and Brendan Eich was CEO of Mozilla.
All three of them made bigoted statements and performed bigoted actions, and as a consequence of their own speech and actions, and of their high visibility leadership positions of free open source companies, they each felt compelled to resign from their jobs, and now feel very sorry for themselves because of how other people reacted, not because of how they acted.
It's disgusting how Eric and Russell are now whining about the mean "intolerant gay bullies" who didn't respect Brendan's right to be intolerant of oppressed minorities. They're just projecting from their own experiences as ousted bigots. The mean old community just couldn't tolerate their bigoted divisive beliefs which were embarrassing and damaging the free open source software movement.
That's their standard operating procedure, of ignoring criticism and calling their critics names instead of responding with logical arguments. So Karl Popper is a baby thinker in Russell Nelson's mind.
So naturally Raymond and Nelson both feel sorry for Eich. They're birds of a feather, cut from the same cloth: they all lay down with the same dogs, and wake up with the same fleas.
So what does it say about Eich that two of his most sympathetic and vocal defenders were also kicked out of their leadership positions in a Free Open Source Software company, because of divisiveness and bigotry, just like he was?
Eric Raymond and Russell Nelson are far beyond redemption. And Brendan Eich finally put himself into the same boat as they are, and it's all his own damn fault, so of course those guys are his biggest advocates and defenders, and they all deserve each other.
And now Eich's legacy is not just tarnished by his donation to support Proposition 8, but by the fact that two of the most notorious douchebag in the free open source software community have come out of the woodwork screeching a full throated defense of him.
I think it's wonderful that the community refused to be led or fooled by people like them, who would pay money to make TV commercials demonizing gays and destroying sex marriages, or race bait and call the victims of their own bigotry bullies for standing up for themselves and exercising their right to free speech.
One good example of the problem with his "technical" works and his lack of actual experience with the things he likes to talk about so much, is that he makes and promotes outrageously incorrect claims like:
https://en.wikipedia.org/wiki/Linus's_Law
"Given enough eyeballs, all bugs are shallow."
When in fact:
Given ANY number of eye, "all" bugs are NOT shallow.
Some bugs are NEVER "shallow".
And only a FEW eyes are qualified to see some bugs, while MANY eyes are totally unqualified, including his own:
His mouth is certainly not qualified to make sweeping generalizations about "all" bugs, given his lack of experience as a programmer, and his spectacular public failure at auditing code in his pathetic attempt to discredit the now-exonerated scientists whose code predicted global warming (described below).
Neither "enough eyeballs" nor "the right eyeballs" are a GIVEN, even for open source software.
"Not enough eyeballs" (or "ZERO eyeballs" as he loves to claim) are NOT a GIVEN for proprietary software, because you can license much proprietary source code, and some proprietary source code is available for you to read and audit for free, under licenses like Microsoft's "Shared Source" license.
https://en.wikipedia.org/wiki/Shared_source
And qualified eye balls are NOT FREE, and usually very busy being well paid to look at much more interesting things than poorly written buggy code like OpenSSL. I doubt that Eric Raymond has contributed any of the profits from his books or VA Linux stocks to Theo De Raadt or anyone else who actually takes the long time and tedious effort to actually audit code.
Wikipedia points out:
>In Facts and Fallacies about Software Engineering, Robert Glass refers to the law as a "mantra" of the open source movement, but calls it a fallacy due to the lack of supporting evidence and because research has indicated that the rate at which additional bugs are uncovered does not scale linearly with the number of reviewers; rather, there is a small maximum number of useful reviewers, between two and four, and additional reviewers above this number uncover bugs at a much lower rate. While closed-source practitioners also promote stringent, independent code analysis during a software project's development, they focus on in-depth review by a few and not primarily the number of "eyeballs".
And then there's the fact that Eric Raymond had the nerve to name and blame the "law" on Linus instead of taking "credit" for it himself.
And of course he also has the nerve to attempt to defend his "law", after we've just gone through three HUGE security holes in open source software that would have been discovered long ago, if only "Linus's Law" were true. On his blog, he constructs a straw man argument that "proprietary software is worse than open source software", which does not in any way support his claim about "all bugs being shallow".
http://esr.ibiblio.org/?p=5665
Nor does he address many of the valid points that people raise, in the wikipedia article itself I just quoted, or that people raised in response to his blog posting.
To quote Theo De Raadt: “My favorite part of the “many eyes” argument is how few bugs were found by the two eyes of Eric (the originator of the statement). All the many eyes are apparently attached to a lot of hands that type lots of words about many eyes, and never actually audit code.”
The little experience Raymond DOES have auditing code has been a total fiasco and embarrassing failure, since his understanding of the code was incompetent and deeply tainted by his preconceived political ideology and conspiracy theories about global warming, which was his only motivation for auditing the code in the first place. His sole quest was to discredit the scientists who warned about global warming. The code he found and highlighted was actually COMMENTED OUT, and he never addressed the fact that the scientists were vindicated.
http://rationalwiki.org/wiki/Eric_S._Raymond
>During the Climategate fiasco, Raymond's ability to read other peoples' source code (or at least his honesty about it) was called into question when he was caught quote-mining analysis software written by the CRU researchers, presenting a commented-out section of source code used for analyzing counterfactuals as evidence of deliberate data manipulation. When confronted with the fact that scientists as a general rule are scrupulously honest, Raymond claimed it was a case of an "error cascade," a concept that makes sense in computer science and other places where all data goes through a single potential failure point, but in areas where outside data and multiple lines of evidence are used for verification, doesn't entirely make sense. (He was curiously silent when all the researchers involved were exonerated of scientific misconduct.)
Eric Raymond's standard technique is to stonewall and ignore valid criticism, while viciously attacking his critics. You can see that behavior consistently applied in most of his blog postings, comments, public statements and publications.
An archetypical example is his mean spirited name-calling defense of Russell Nelson, who was acting as President of the Open Source Initiative, a position that Raymond had just been kicked out of because his divisive in-fighting and life-long jihad against Richard Stallman was embarrassing them and damaging their reputation -- Russell was his replacement: OOPS!
After having been appointed President, Russell Nelson posted a blog entry entitled "Blacks are lazy", which of COURSE drew a lot of criticism, because it was obvious race baiting, and riddled with logical fallacies and racist bigoted presumptions. Russell expressed that it was "poor writing" and withdrew the blog posting, and resigned his position as President of the Open Source Initiative.
The original blog posting can be seen in the comments section of his wikipedia page, so you can draw your own conclusions:
https://en.wikipedia.org/wiki/Talk:Russ_Nelson#Blacks_are_la...
Russell agreed with his critics that his blog posting was wrong -- although as to HOW wrong, he still disagrees with most critics, and he's generalized his argument to "everyone is lazy" and has characterized the criticism of him as "slander":
http://blog.russnelson.com/economics/blacks-are-lazy.html
So, now that I've explained the background, I will demonstrate what I mean by how Eric Raymond typically constructs his arguments to support his political agenda, by ignoring valid criticism and turning it around on the critic by calling people names:
Even though Russell agreed the article was badly written, took it down, and voluntarily resigned, Eric demanded that OSI not only SUPPORT Russell, but waste their precious money, time, energy and reputation FIGHTING a BATTLE based on his own extreme right-wing libertarian "principles" against Russell's critics (who he called "FOOLS" and "THUGS"), which had NOTHING at all to do with open source software:
http://www.eweek.com/c/a/Linux-and-Open-Source/New-OSI-Presi...
“The people who knew Russ as a Quaker, a pacifist and a gentleman, and no racist, but nevertheless pressured OSI to do the responsible thing and fire him in order to avoid political damage should be equally ashamed,” Raymond said. “Abetting somebody elses witch hunt is no less disgusting than starting your own.”
"Personally, I wanted to fight this on principle," Raymond said. "Russ resigned the presidency rather than get OSI into that fight, and the board quite properly respected his wishes in the matter. That sacrifice makes me angrier at the fools and thugs who pulled him down."
Since both Eric Raymond and Russell Nelson lost their leadership positions as President of the Open Source Initiative because of their bigoted, racist, divisive and very public beliefs, you can guess which side of the Brendan Eich controversy they came down on:
"My first thought on hearing of the resignation of Brendan Eich as CEO of Mozilla: Congratulations, gay activists. You have become the bullies you hate." -Eric Raymond
And this from the same self avowed "cheerful gun nut" who threatened Bruce Perens:
https://lists.debian.org/debian-devel/1999/04/msg00197.html
"Damn straight I took it personally. And if you ever again behave like that kind of disruptive asshole in public, insult me, and jeopardize the interests of our entire tribe, I'll take it just as personally -- and I will find a way to make you regret it. Watch your step."
Bruce Perens Dead http://geekz.co.uk/lovesraymond/archive/bruce-perens-dead
Anyway, back to the criticism of TAoUP and Raymond's other technical claims to fame and self aggrandizing Autohagiography:
Everything he writes is deeply tainted with his one-sided partisan ideology and narcissistic self promotion, which is not just limited to Microsoft bashing, but to extreme right wing libertarian politics and guns. You can see that by the changes he made to the "Hacker's Dictionary", and you can see that in everything else he writes.
I've posted some typical reviews of the book in the other message.