Let me start by saying I basically understand your last point: it's not worth it because it won't work.
On Fri, Dec 05, 2003 at 04:01:42AM -0600, Manoj Srivastava wrote: > who follow secire processes. Blowing 40k collectively is unlikely to > buy us much security. Like I said, it may be that it would be wasted money. But you are switcing arguments here. Originally you were bristling at the suggestion that you spend your own money. Now you seem to be okay with that, but saying it would be wasteful because you basically don't trust smartcards. I don't trust them either, but they are a layer. Of course, they may be an absolutely useless layer, but they may not. I think this is your true objection (to smartcards at all) and not to the suggestion of having your spend your own money to improve the project. And that's an acceptable belief (although it *may* not be correct). But if you want to explore other, free ways to improve Debian's security process (such as auditing one another's machines or some other way I can't think of), that's a good thing. The point is: a failure occured. Don't let it happen again. > > >> Let me see if I can point out the logical flaws in words with few > >> syllables. > > Take a bath? take a _bath_? What are we, back in grade school now? You're not seriously talking about taking pot shots are you? Tit for tat. But I withdraw the remark, I was thinking of the traditional image of the long-stringy-haired Unix hacker such as RMS. I was picturing RMS -- I didn't mean anything else. :-)
