[clug] How you know your Free or Open Source Software Project is doomed to FAIL
scott.ferguson.clug at gmail.com
Fri Jul 31 22:14:49 UTC 2015
The discussion wandered into general security, but some good points
relative to the subject came up which I'd add to the FAIL list (it's a
wiki, so maybe I can).

They all seem to fit under the category of
"things that don't discourage 'bad press' (in both interpretations of
the term)" and "things that may discourage growing the user base".

Alex summed them up nicely with "we tend to judge
books by their cover". Rarely do we have the time or the
motivation to thoroughly 'prove' the degree of trust we assign.

In light of which I'd propose the addition of:-

Bad web design for hosting site [ +5 points of FAIL]
No SSL signed by a CA in a stock certificate store [ +1 point of FAIL]
The *only* installation instructions are "close your eyes and open wide"
[ +1 point of FAIL]
Documentation gives no examples [ +1 point of FAIL]

Apologies if I missed any. Thanks everyone - it's been instructional.

Some of those might be used for another indicator list: "How to know if
It's a TRAP"

Someone who is a programmer, and not a cryptographer
or security engineer, is maintaining a fork of an abandoned encryption
project (because there's a market demand) [ +25 points of It's a TRAP]

Before anyone gets excited, was the XBox
encryption broken or bypassed to allow the installation of Linux? - the
answer may not be far away. The reason for the question is that the XBox
protection schemes were focussed on encryption... (It's a TRAP)

On 29/07/15 01:55, Scott Ferguson wrote:
> A list of indicators that may interest some list readers:-
> Some excerpts:-
> === FAIL METER ===
> 0 points of FAIL: Perfect! All signs point to success!
> 5-25 points of FAIL: You're probably doing okay, but you could be better.
> 30-60 points of FAIL: Babies cry when your code is downloaded
> 65-90 points of FAIL: Kittens die when your code is downloaded
> 95-130 points of FAIL: HONK HONK. THE FAILBOAT HAS ARRIVED!
> 135+ points of FAIL: So much fail, your code should have its own reality
> TV show.