--- crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
On Tue, Sep 11, 2018 at 12:09 AM, Ignotus Peverell <igno.pever...@protonmail.com> wrote: > Hi, > > We published a first version of our vulnerability disclosure and security > process (also copied in full below for convenience): > > https://github.com/mimblewimble/grin/blob/master/SECURITY.md > > I believe there are quite a few security researchers for whom I have a lot > of respect on this list. Your feedback on the policy and how we can improve > it would be extremely valuable. Thanks in advance for any help! I'm hoping > we can set a good example and influence other projects to adopt a similar > policy. > > - Igno > > P.S. Big thanks to Neha for her last post, it was timely and proved to be a > very useful reference! > > --- > > # Grin's Security Process > > Grin has a [code of conduct](CODE_OF_CONDUCT.md) https://github.com/mimblewimble/grin/blob/master/CODE_OF_CONDUCT.md ah. i had not realised that the project has adopted one of this extremely dangerous and toxic documents. to illustrate extremely graphically why they are bad, here is an absolutely and utterly incomplete list of example "behaviours" that have "forgotten" to be added: it is unacceptable to murder, kill, rape, or to plan any of these activities, with respect to any members. ... get the general idea? adopting a toxic proscribed "list of behaviours" absolutely terrorises contributors "in case they might accidentally hit one", and it absolutely disgusts people who would never even *remotely* consider doing any of those things. worse: the people who *would* do these kinds of behaviours will do them... *REGARDLESS OF THE EXISTENCE OF THE TOXIC DOCUMENT*. so the only effect that the toxic document has is: poisons and terrorises contributors. therefore, i strongly, STRONGLY recommend that you REMOVE that document as it will completely and irrevocably change the nature of the project, and cause it ongoing harm. if you would like to hear of a recommendation for an alternative, i am happy to advise: you only have to ask. however... if i do not hear from you within a week, or if you, the developers, have no intention of replacing that extremely dangerous document with an alternative, then i will require that you remove me from this mailing list, and i will be recommending to the people that i am in discussions with that this project be blacklisted from consideration. it's *that* serious. if this at all shocks you, please research the recent FreeBSD adoption of a similar toxic document, and the effect that it had on FreeBSD's adoption and development. l. -- Mailing list: https://launchpad.net/~mimblewimble Post to : mimblewimble@lists.launchpad.net Unsubscribe : https://launchpad.net/~mimblewimble More help : https://help.launchpad.net/ListHelp
