lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1d3fdc6a-a98a-fe3b-2e3e-acc2ffa24f9d@gmx.com>
Date:   Mon, 3 Oct 2022 09:40:43 +0000
From:   "Artem S. Tashkinov" <aros@....com>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Mike Rapoport <rppt@...nel.org>, Al Viro <viro@...iv.linux.org.uk>,
        Steven Rostedt <rostedt@...dmis.org>,
        Theodore Ts'o <tytso@....edu>,
        Thorsten Leemhuis <linux@...mhuis.info>,
        Greg KH <gregkh@...uxfoundation.org>,
        Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
        workflows@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>,
        ksummit@...ts.linux.dev,
        Mario Limonciello <mario.limonciello@....com>
Subject: Re: Planned changes for bugzilla.kernel.org to reduce the "Bugzilla
 blues"

On 10/3/22 09:26, Geert Uytterhoeven wrote:
>
>> Imagine instead you send your issue to a random mailing list. What is
>> the chance another person with a similar issue will even find it?
>
> Do not underestimate the power of search engines.

I don't. In many situations the same issue can be described completely
differently and finding duplicates becomes near impossible. You
overestimate the power of search engines and the person's ability to use
very specific wording.

>> Again the volume of bug reports is relatively low, fewer than two dozen
>> a week.
>
> Which proves this tool is insignificant in the grant scheme of (Linux)
> things.


https://bugzilla.kernel.org/show_bug.cgi?id=204807

A very insignificant exchange of over 2 hundred comments, patches,
suggestions, etc. by the people absolute most of whom would have failed
to do that via email.

Nothing was lost, no messages were accidentally sent to SPAM, all the
people in the conversation _retained_ their privacy as Bugzilla _hides_
emails.

Hasn't privacy been raised as the cornerstone of this discussion several
times already? You're _far more private_ on Bugzilla.


>> * Multiple reporters can perfectly find the people who have made bad
>> commits or who are responsible for certain drivers - it's safer to CC
>> them _via_ Bugzilla than to email them _privately_ or via mailing lists
>> which entails multiple issues including trust, SPAM, formatting,
>> English, net etiquette, etc. etc. etc.
>
> Never send bug reports privately, unless you have a monetary
> relationship with the receiving end.  Always Cc the subsystem
> mailing list, so anyone involved can help.


I've done that on multiple occasions and in _many_ cases actually
received help vs. sending to a mailing list where my messages were
completely neglected.

For instance, I've CC'ed Linus Torvalds _privately_ from Bugzilla twice
and he _chimed_ in and _helped_ resolve the bugs. My messages to LKML
were _ignored_ by +1000 people subscribed to it.

You continue to talk as if random messages to mailing lists are
_actively_ monitored by developers. That's _not_ the case.

Absolute most developers actively monitor only messages from the people
they constantly work with. That's it.

Maybe I should start the list of "Why email sucks in terms of bug
reporting" because I keep saying the same stuff over and over again.



Regards,
Artem

Powered by blists - more mailing lists