On Sun, Jan 06, 2008 at 11:18:17PM -0500, Richard Stallman wrote: > Can you tell the FSF web programmers to do more checking for HTML/SQL > injection vulnerabilities? > > I know nothing about that issue, but I will forward your message. > Teaching the public about this issue is a good thing to. > However, the way you did it was predictably bad.
just as you should not have talked without knowing what you were saying, the people who wrote that should not have done so until they knew what they were programming. the only thing consistent in your posts here is that it's ok to spew crap ... > By publishing it, and telling only me--not anyone who could fix > it--you made sure a day would go by when others know about the problem > but our sysadmins did not. It would have been better practice to tell > our sysadmins privately first, and give them a couple of days to do > something before educating the public. and then complain when the crap is discovered ... > I hope that you have not arranged in effect to cause our web site > to be attacked. and then accuse the people who find the crap of victimizing the crap spewer. hey, I know, why don't you tell people it's unethical to spew crap? it would lead to less security problems in the computer world, and less misinformation in general can only lead to more freedoms. I think many people, both in the computer world and outside, would agree. I'd say you'd even have a larger following than you currentlty do. well, except that you're one of the biggest crap spewers, ever. so, you have to have some other soap box to stand on, since it is far too obvious that you can't run on the "no crap spewing" platform, because you are a liar and a hypocrit. and here's an example of how I think your general "ethics" stinks. you are not subscribed to misc@openbsd.org, even though you have stated yourself that you started this thread. I consider it unethical - no I'm not going to use your words. I consider it inhumane to post to a list without subscribing. why? to make sure I get all responses. it's very easy to subscribe and unsubscribe to any list I have ever posted to. I'm the one posting, and I am responsible for that post. had you been subscribed here, you would have seen the URL above long ago. instead, you are _now_ harshly accusing someone of releasing this "vulnerability", _after_ it could have already been fixed, were you not so inhumane - well, that's a little harsh - lazy and arrogant that you didn't bother to subscribe before posting. do you really think we are suposed to believe you, a lazy, arrogant, lying hypocrit, because you accuse people discovering facts of being in the wrong? and are we supposed to not believe that you are a lazy, arrogant, lying hypocrit because you have your own definitions, are too busy, rely on other peoples' information, and can't use a normal web browser? -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
