||Open Source Security: Still a Myth|
|Subject:||a little editing --|
Response to: a little editing --
No, he's saying that because of the tight timelines, people can't waste days and weeks on arguing over whether something should be done. If the developers and the auditors disagree over whether the implementation should be changed, then they put their relative cases forward in a meeting with project management and/or product management, a decision is made, and the results are acted on. If one side doesn't like the decision, they may grumble but they're not able to do much more than that unless they want to quit their job.
Hear us Roar