[Development] Proposal: Change Qt's Security Policy to Full Disclosure
d3fault
d3faultdotxbe at gmail.com
Wed Oct 24 23:46:09 CEST 2012
On 10/24/12, Samuel Rødal <samuel.rodal at digia.com> wrote:
>
> As far as I see it all the options have vulnerabilities, so it shouldn't
> be hard to prove that they exist within either approach.
>
Yep. Close one giant security-through-obscurity vulnerability, open
the door for script kiddies. It's a trade off, but at least we won't
have the ILLUSION OF SECURITY (worse than being insecure) anymore.
>
> If I get you correctly, you're saying that you want two security mailing
> lists, one open and one closed. Others have countered this by saying
> that the existing development mailing list will in practice act as the
> open one. In what way do you perceive these two options as being
> radically different?
>
Knowledge availability, which I value and I guess others do not?
m_ListOfUsersCommentingWithoutFirstReading << "Samuel";
See: http://lists.qt-project.org/pipermail/development/2012-October/007478.html
Duuude, you responded directly to that email too. How the what the I don't even
Are you trolling me?
d3fault
More information about the Development
mailing list