Thou shalt have no other gods before the ANSI C standard 1418

The thing is Gwyn has been making a lot of claims that he's been unable to back up, in a thread about security. Seeing those posts consbreastutes knowledge of the "buttumee". Also there's lots of "critical work" (e.g. some of the posters have done avionics stuff) that still doesn't have to withstand the level of security attacks that widely deployed internet software has to withstand. So I'm less impressed by an avionics implementer's opinions about security implementation than I am by the qmail author's, even if the avionics code will kill more people if it fails somehow.

And of course, there's widely deployed closed source internet software as well, e.g. Windows, though for the most part its security record is crap compared with qmail's. And if a Windows security implementer starts posting here about those issues, s-he'll still have some credibility from at least having fought those same battles, even though they've lost some of them. What impresses me less is when armchair generals who have never had their software actually exposed to these kinds of attacks go and say that their development methods will result in secure software, since after all those methods work on everything. Defending against accidental errors is radically different from defending against attackers.