The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security: How we did it

Christoph Lameter <clameter@waterf.org> writes:

> Also security holes should not be discussed in public as has been done
> with the dosemu issue.

I'm not sure I agree with this.  If I hadn't seen the issue raised, I
wouldn't have been aware that I should be careful with dosemu.  Hell,
I wasn't even aware that it was suid (my fault, I suppose).

I'd much rather know why I'm doing something than just be told "It's a
security problem, remove it from your system if you're worried".  This
could get us into the whole argument over programs like Satan.

I think dissemenating this knowledge widely is a good thing, not a bad
thing.  For one, it makes me, as a programmer, more aware of the
issues involved in making my own software secure.  For another, it
moves the security issues from the dark back rooms where only the
software authors and those determined crackers are "in the know".

Distributing/discussing the issues widely has all the benefits that
normal free discourse has, and makes it more likely that people will
be sensitive to the issue in the future, whether they are installing
or writing software.

--
Rob


--
This message was distributed manually by Bruce@debian.org after the list
initially failed to distribute it.