[Development] Proposal: Change Qt's Security Policy to Full Disclosure

d3fault d3faultdotxbe at gmail.com
Sat Oct 20 05:18:07 CEST 2012

On Fri, Oct 19, 2012 at 3:37 PM, Knoll Lars <Lars.Knoll at digia.com> wrote:
> This is just wrong, and I'm getting tired of your ramblings on this mailing list. Just because you send something to the ML and people get tired of answering you doesn't mean your proposal is accepted.

I was writing that tongue in cheek and mocking Thiago. Sarcasm > You.

> We have a fully worked out proposal by Rich on the table that many people agreed with, and we'll stick with it for now.

His proposal is alright, with the exception of handling incoming
vulnerabilities. He didn't even discuss the subject, so what do you
even mean sticking with it?

> Lars

I'd expect more from you, being the Chief Maintainer of the project
and all. What a worthless post. You didn't even attempt to tackle my

Speaking of which, if ANYBODY can defeat it, I'll shut up here and now.

Ok noobs, you leave me no choice. Just like when someone doesn't
believe a specific vulnerability is legit, I guess I have to prove it
with an actual exploit. So I'll be ditching this alias and creating a
new one. Unlike the provingapoint12345 puppet, it will appear entirely
real (hurr I can use tor etc you morons (TAILs means any 5 year old
can)). I will stop being mean to people, and I'll even contribute
random bug fixes or other small contributions just to earn merit.
Thiago has already indicated that it's pretty easy for someone to join
Qt's security team. So after I get in, I'll be secretly publishing all
the reports to cracker circles around the globe.

Guess your only counter is to never let anybody else join the security
team. Good security policy you got there. Sholy Hit I'm surrounded by


...rejoice that I am leaving, but know that I am here in the shadows
watching you [mas7urba7e] from a distance...

More information about the Development mailing list