lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: benfell at greybeard95a.com (David Benfell)
Subject: Re:Flares and personal opinions

On Sun, 14 Jul 2002 16:41:03 +1200, Nick FitzGerald wrote:
> "Berend-Jan Wever" <SkyLined@...p.tudelft.nl> wrote:
> 
> Nothing personal dude, but ...
> 
Nonetheless, I felt he raised some valid points, even if I don't
entirely agree with all of them.  Simply because this is an
unmoderated list does not mean that normal rules of list etiquette do
not apply.

Among them, as you pointed out, is the one about HTML e-mail.

Having participated in a few flame wars myself, I'd hate to simply say
that it's rude to flame.  If we didn't care, we wouldn't get mad.

And security is something to care about.

So I'll say this about flaming instead:  When you flame, at least say
something substantial.  Simply saying that something sucks really
doesn't cut it.  Explain why it sucks, so we at least have something
to argue about.

The posting about the anonymizing web sites is a classic example.  He
just said it's broken, with hardly any explanation of why it's broken.
He didn't explain his testing procedure, nor did he explain what
results he's looking for, contrasting them with the ones he actually
got.  Finally, he didn't explain how these results undermine their
utility in anonymizing web access.

Next, don't bother with old news.  Old news is old news.  It's dead.
Just because you can't bury it doesn't mean you should drag the rotten
corpse around and force the rest of us to take a whiff.

The postings about the Bugtraq lists are old news.  Those lists have
been around for years.  There's nothing new about how they're being
administered so we really don't need to hear your general complaints
about them here.

Notice I said general complaints.  If they're doing currently doing
something specifically wrong with a specific issue, that's fair game,
as long as you explain yourself.

Next, keep personal attacks to a minimum.  If somebody is being
stupid (as opposed to ill-informed), it's reasonable to whack them
with a clue stick.  But remember, we're here to exchange information,
so explain yourself.

Simply saying someone is a stupid dumbfsck is not nearly so impressive
an argument as explaining point by point why everything they said is
simply wrong.

There's an underlying theme here.  Explain your position.  You might
be right, you might be wrong.  Either, really, is okay, because even
when you're wrong, we can show where you're wrong.  Or maybe we're
wrong in thinking you're wrong, in which case, you can argue back.

We learn that way.

The idea is that there always needs to be substance.  As fellow
humans, we might care about your emotions, but as administrators and
programmers, we need information we can act on.  Your anger is not
something we can do a lot about.

My last point on flames would have to do with frequently asked
questions which are documented.  Remember that just because you know
where to find the answer to that question doesn't mean I do.  And
sometimes I can't figure out what search terms to use to get
reasonable results from Google.  Also, some documentation, including a
lot of man pages, seems to presume you already know the answer.

Good technical documentation is hard to come by, partly because most
technical writers are hacks working for marketing departments.
Documentation written by programmers, on the other hand, often suffers
for a variety of reasons.

So RTFM is often not an adequate response -- make allowance for that
possibility.

When flaming, it is important to do it well.  Otherwise you may look
like the bigger fool.  And if done well, flames still contain valuable
information that can be useful in ferreting out the greater truth
surrounding any particular issue.

And that is why we're here.

-- 
David Benfell, LCP
benfell@...ts-unknown.org
---
Resume available at http://www.parts-unknown.org/resume.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020714/2da6f5a6/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ