>Don't most major Open Source projects ask that patches be e-mailed to >a dev mailing list? Isn't the only problem with this patch that they >didn't include the mailing list because it was of no consequence to >the majority of Asterisk users?
Well, I was not going to this thread, but if you're asking this, then there are some things that aren't clear. Mailing to a dev mailing list is different, since you're essentially saying "Here's something we fixed. Check it out.". Emailing your customers and saying "urgent red alert install this patch or we're gonna cut your service" is a completely different thing (and with no link or anything to verify). The issue is more about how a company is dealing with its clients, not how open source developers deal with code. Another difference is that dev lists go to people who are at least thinking that they are devs. Many customers are not devs. If I'm running Asterisk cause it's cool, and I get an urgent message telling me to install a patch, I'll do it since I don't want to have my service suspended. This is the same social engineering attack that email viruses use. That's why a good company won't send out binaries or harmful instructions in email. As Linux and Asterisk get more broad exception, the level of people using it will decrease. They might have had some reservations about blindly trusting patches via email, but now we've seen that this is sometimes legitimate. That sets a bad precedent for the future. Don't ASSume anything about your customers. -Michael _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
