Paddles! On Mon, Apr 29, 2013 at 11:25 AM, Thiago Macieira <thiago.macie...@intel.com> wrote: > A determined hacker could infiltrate Digia's network and tamper with their > email server. When an email is received for secur...@qt-project.org, it could > then forward the vuln to the hacker's own email address. This way, the > privately disclosed vulns are now publically disclosed only amongst hacker > circles, which means all of the _users_ of Qt binaries are left in the dark, > as well as for people building from sources (including Linux distributions). > > > Is this far-fetched? Maybe, but that's not the point. The point is: why do we > want to leave an attack vector open, if we can close it? > > -- > Thiago Macieira - thiago.macieira (AT) intel.com > Software Architect - Intel Open Source Technology Center >
+1 that's some sound logic right there. Why leave an attack vector open? d3fault _______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development