← Back to context

Comment by tptacek

2 years ago

It's not interesting to say that lots of interesting eyeballs are helpful. Anybody would have said that prior to this article's publication. Raymond makes a much stronger claim (which is why it has the force of "law"), and it hasn't borne out.

19 comments

tptacek

Reply
jasmer  2 years ago

It's interesting to say 'a lot of eyeballs will do something' in a world where nobody believed it.

I think this thread overstates the reality of the very, very crude metaphor that illustrates 'why open source can work' - even if it is very flawed.

I think by now we all kind of know 'it depends' aka there's context to everything.

colinsane  2 years ago

if your process is “release often, but preserve quality by a staged release process (betas) in which power users can fix bugs before they reach the masses” then you’re pretty explicitly allowing bugs to be in the codebase transiently. combine that with projects of this era shipping with files like BUGS or ISSUES alongside their README or NEWS/release notes, and you have strong evidence that “transient” means “can knowingly be included in a release”. at that point it just feels false to read ESR as claiming anything strong like “with enough eyes the software will contain no latent bugs” (which i think is how one side of this thread is interpreting the essay?)

mjw1007  2 years ago

Again: the purported law says "shallow", not "soon discovered".

  • tptacek  2 years ago

    No, you can't get away with this semantic dodge, because Raymond numbered what he believed were the most important lessons he was imparting, and the one corresponding to Linus' Law is:

    8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.

    He even attempted an axiomatic explanation:

    Maybe it shouldn't have been such a surprise, at that. Sociologists years ago discovered that the averaged opinion of a mass of equally expert (or equally ignorant) observers is quite a bit more reliable a predictor than the opinion of a single randomly-chosen one of the observers. They called this the Delphi effect. It appears that what Linus has shown is that this applies even to debugging an operating system—that the Delphi effect can tame development complexity even at the complexity level of an OS kernel.

    • doctor_eval  2 years ago

      I agree with this take.

      I was a developer at the time (still am), and if I'm remembering correctly, ESR was active in Slashdot and a few other places I hung out.

      I took ESR's claim about bugs to imply that the quality of open source software would be greater than that of proprietary software because the number of people who had access to the code would inevitably result in less bugs. A lot of the discussions around C&B at the time were about software quality. I don't think anyone expected there to be zero bugs, just that there would be fewer.

      I am not convinced it turned out that way, but that's an interesting discussion for another thread.

      1 reply →

    • mjw1007  2 years ago

      Well, I'm baffled then. From where I'm sitting that point 8 is clearly talking about what happens after a bug is discovered, and not about discovering bugs.

      The longer paragraph doesn't seem to contradict the notion either. My impression (based on the "How Many Eyeballs Tame Complexity" chapter) is that Raymond thought that "debugging" means "fixing bugs".

      If I were criticising this part of essay, I'd say the main weakness is that the things Raymond thought of as "taming complexity" weren't really addressing the hard problem of reducing the number of bugs.

      2 replies →

    • narag  2 years ago

      No, you can't get away with this semantic dodge...

      Right, what about this one: the bugs are all found eventually, only not by the right person.

      Just kidding :)

    • thomastjeffery  2 years ago

      > 8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.

      The key word here is characterized. That word is not equivalent to found.

      Security vulnerabilities are unique in that they matter despite being unknown.

      Other bugs are only important because of their direct impact on users. It's not unreasonable to take everything here and apply it to known bugs, and not to unknown vulnerabilities.

      3 replies →

    • phkahler  2 years ago

      >> Given a large enough beta-tester and co-developer base...

      That's a qualifier for what follows it. Seems true enough to me. If there are enough developers to notice bugs, they will probably be found and fixed quickly.

      1 reply →

  • coldtea  2 years ago

    If they're not "soon discovered" then the use of the term "shallow" means absolutely nothing...