Security related domain: "for many areas of security functionality—crypto primitives implementation is a good example—the number of suitably qualified eyes is low."
So what exactly is the “myth”? The common form of the maxim seems to be “Many eyes make all bugs shallow”. But this seems a bit vague to me.
But that's how it is perceived.
How about this to be more specific: “Sufficiently many eyes make all bugs shallow”. Expressed that way, is it a myth?
Even *if* you have many eyes, there is *no* guarantee that you will catch all bugs (or even a specific one). Only if *sufficient* is translated to *infinite* will it be guaranteed. Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/