This is indicative of a more general phenomenon: the world is big enough that attention is stretched thin. If you invest a few weeks of thoughtful work into a specific corner, just because YOU care, you can quickly surpass broader experts.
This doesn’t devalue broad expertise in general. Focused amateurs benefit significantly from access to experts, and you need some level of training/experience before you can pull this off. The point is that attention and persistence are valuable.
Consider someone with human body. There’s a lot going on. You can go to a doctor. You can go to specialists. It takes weeks and months to get seen and you get minutes of their time. If you have a complex condition, it’s very hard to find and capture the attention of an expert who can address the breadth of the problem.
You have to get informed. Not the “do your own research” trope that leads to anti-vax and flat-earth nonsense. You have to document your symptoms. Figure out how to tell your story concisely. Learn what the relevant specialties are and the language they use. Dig into primary sources for early studies and experimental interventions. Nobody else will do this work for you. For much of it, nobody else can - because only you have direct experience of the problem.
The software ecosystem is the same. It’s huge, interconnected, with silo’d experts and communities of practice. A competent, motivated person can chart unique, rewarding paths. Keep pushing!
Wow, the previous thread had a lot of similar war stories of big companies trying to pass off other people's work as their own. I didn't realize the practice was so widespread! I'm probably spoiled working for HugeCompany but we have thorough legal reviews of all external dependencies we pull in that goes down to the source code to find and stop improper uses of "other people's work". Crazy to hear how much casual credit-taking happens in this industry.
I went to a Sun conference almost 20 years ago. I remember there was a presentation on Solaris internals and I decided to attend on a whim, since I knew so little about it. I will never forget something the presenter said and how smugly he said it:
"If Linux is better at anything than Solaris then that's just a Solaris bug."
Turns out that, looking back, Solaris must have been full of bugs.
At some point in the past, I attended a Sun security-themed Thang in Los Angeles (small group).
The presenter was talking about a Solaris PAM integration with LDAP auth right before the break for lunch. The auth was done via a "query-username-and-password-strings-from-LDAP-and-compare-locally" method. I pointed out some issues with that - needing a privileged account for the query since the password LDAP attribute is usually protected, password hash on the wire (l0pht was a thing by then, so it felt wrong to sling those around), couple of others.
To their credit, I spent the lunch break with a couple of their engineers in front of a whiteboard working through a 'bind[1]-as-user-to-auth' mechanism instead. I'd like to think this helped their PAM LDAP module become more secure.
Eh, I dunno, sounds like it could've just been a statement of their lofty goals. Here is from mold linker’s readme.
> mold is so fast that it is only 2x slower than the cp command on the same machine. If you find that mold is not faster than other linkers, feel free to file a bug report.
My experience with Sun products was before and after Oracle acquisition extremely bad. Particularly the last times when they started supporting intel and went open source.
Hmm still clickbaity because you don't know how it happens. Better title:
"This is the story of the most unbelievable demo I've been given in world of open source. You can't make this stuff up.
It was 2005, and I felt like I was in the eye of a hurricane. I was an independent performance consultant and Sun Microsystems had just released DTrace, a tool that could instrument all software. This gave performance analysts like myself X-ray vision. While I was busy writing and publishing advanced performance tools using DTrace (my open source DTraceToolkit and other DTrace tools, aka scripts), I noticed something odd: I was producing more DTrace tools than were coming out of Sun itself. Perhaps there was some internal project that was consuming all their DTrace expertise?
DTraceToolkit v0.96 tools (2006)
As I wasn't a Sun Microsystems employee I wasn't privy to Sun's internal projects. However, I was doing training and consulting for Sun, helping their customers with system administration and performance. Sun sometimes invited me to their own customer meetings and other events I might be interested in, as a local expert. I was living in Sydney, Australia.
This time I was told that there was a Very Important Person visiting from the US whom I'd want to meet. I didn't recognize the name, but was told that he was a DTrace expert and developer at Sun, and was on a world tour demonstrating Sun's new DTrace-based product. Ah-hah – this must be the internal project!
But this would be no ordinary project. I'd seen some amazing technologies from Sun, but I'd never seen a developer on a world tour. This was going to be big, and would likely blow away my earlier DTrace work.
The VIP was returning to Sydney for a few days before going to the next Australian city, so we agreed to meet at the Sun Sydney office.
That's kind of long-winded. Maybe the title should just sum up what happens in the article, in a way that sort of gets your interest and makes you want to read the story.
I don't get it how he didn't followed up on this. I guess copyleft licenses (and adding licenses at all) wasn't that widespread back then, but this would have been easy (and fair) money, either licensing, hiring, consulting or behind the curtains arrangement.
I would swear that many years ago, there had been an indicent whereby some individual or group took the GNU CLISP sources (a Common Lisp implementation written mostly in C), converted it to C++ and passed it off as their own work.
Unfortunately this doesn't seem to be an isolated incident in the corporate world. There's been a few caught that made the news, but probably more that haven't.
This doesn’t devalue broad expertise in general. Focused amateurs benefit significantly from access to experts, and you need some level of training/experience before you can pull this off. The point is that attention and persistence are valuable.
Consider someone with human body. There’s a lot going on. You can go to a doctor. You can go to specialists. It takes weeks and months to get seen and you get minutes of their time. If you have a complex condition, it’s very hard to find and capture the attention of an expert who can address the breadth of the problem.
You have to get informed. Not the “do your own research” trope that leads to anti-vax and flat-earth nonsense. You have to document your symptoms. Figure out how to tell your story concisely. Learn what the relevant specialties are and the language they use. Dig into primary sources for early studies and experimental interventions. Nobody else will do this work for you. For much of it, nobody else can - because only you have direct experience of the problem.
The software ecosystem is the same. It’s huge, interconnected, with silo’d experts and communities of practice. A competent, motivated person can chart unique, rewarding paths. Keep pushing!