Maxim Kammerer: > On Tue, Aug 6, 2013 at 1:07 PM, Jacob Appelbaum <[email protected]> wrote: > >> Somewhere there is a line and clearly, we failed to meet >> the high standards of a few folks on this list. I'm mostly curious if >> that high standard will be expressed in a cohesive manner where we might >> learn from it. >> > > Well, in the end, it's all done for the users. Keeping software up-to-date > is easier than following advisories, even more so if there is an > auto-update functionality. So I don't understand the big deal about not > reissuing advisories for upstream projects, which takes a lot of time for > dubious effect.
I tend to agree. > > Although the point becomes moot once you are talking about libraries that > are not directly used, unlike major Firefox-level applications. E.g.: > https://blog.torproject.org/blog/new-openssl-vulnerability-tor-not-affected > We wrote that because people asked us about those specific OpenSSL issues, if I remember correctly... >> http://pastebin.com/qWHDWCre >> >> It is awful for Mike and I can't even begin to find it funny in the >> least. Though I'll take your point that it is rich with awful irony. >> > > I don't think anyone took those guys seriously back then (or anyone whose > opinion matters, at least). > Sadly, Mike took their harassment seriously. It was awful. All the best, Jacob -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
