Quote:
|
Originally Posted by tgreer
And there it is. And you wonder about all the complaints regarding an elitist, cliqueish attitude here? I thought that was one of things that was going to be fixed. Evidently not.
|
Yes, because giving small perks in return for contributing to this site is BAD. Oh please.
As another example, say that the administrator of very large forums like TAZ or some other board joined you forum. Would you immediately give him access to the Mod/Admin forums just because he knows how to administrate a forum? This is no different, beyond the fact that it's easier to attain Coder status on this forum than it is to become Administrator on most forums.
Quote:
|
Originally Posted by tgreer
I disagree strongly - I advocate full disclosure of security issues, so that those affected can take immediate action. Why hide such issues behind closed doors? If I'm running a plugin with a security hole, I'd hope that the plugin author would make a public posting of the specific issue, steps being taken to address it, and a timeframe for the fix.
|
And what about the cases where the author is not available, either through explicit desire or involuntarily?
Example; vBShout. Brad released the fix for the security issue there. Was this issue made public? Was explicit code posted as to how you could exploit this? I think not. If that was so, then a hacker would have to do nothing more than to ally himself with a licenced member of this forum and thus have potentially thousands of forums available for exploiting.
It seems to me like you are saying that potential revenue lost for hundreds, maybe even thousands, are less worth than the idea that coders should not gain any benefits even though they spend up to years of their time coding solely for the benefit of this community.
Because to me, that sounds pretty damn retarded.
Whereas with a coders forum, vulnerabilities could be discussed amongst those that would be less prone to exploit them - after all they themselves could be in the same boat at one point...
I just don't see where having a public discussion about it would be beneficial.
Security vulnerabilities should be private at all times (by this I mean the specifics, and POC (Proof Of Concept) code, not the fact that there
is a vulnerability), and reported to the vendor as soon as possible.
If the vendor is unable/unwilling to provide a fix, 3rd parties should come up with a fix, in this case in the form of Staff updates.
Never should POC code be posted public, because of abovementioned exploit possiblilties.
Surely you must see how posting such code public would cause a severe loss of revenue or data?
Quote:
|
Originally Posted by tgreer
I think what it boils down to is that some coders want a semi-private cloister where they can code and hack without being bothered by newbies, except insofar as said newbies gratefully install their hacks.
|
What coders forum are
you referring to, because I have yet to see a single hack being released in that forum...
I think you might be misunderstanding what forum we are talking about.
I am talking about the Coders
Discussion forum where coders
discuss things that are of no value to newbies or learners.
Quote:
|
Originally Posted by tgreer
You know, part of me sympathizes with that. I just don't think that's what .org is meant to be. That can't be what JelSoft intends, especially when the default answer to most questions on .com is "ask over at vbulletin.org". This is, for better or not, the "official" site for custom vbulletin development. To me, that means a few things, including active, open coding discussions, and professional moderation. For those who want a private 1337-coderz club, I would say "it's time to grow up".
|
Part of me sympathises with the notion that coders should release their work for free and hardly see a thank you in return... actually no I don't.
Not to mention how the fact that this is the official site for vBulletin modifications has
no relevance whatsoever to whether or not there should be a coders discussion forum or not.
For the kind of users like you, who feel that it's wrong for coders to get a small bit of recognition for their work, I would say "drop your communist attitude and realise this isn't the Soviet Union".
Quote:
|
Originally Posted by tgreer
I would say that, but apparently I'm in the minority. So, time for me to slink back into the woodwork, and rely on vbulletin-faq and vbhackers and daniweb...
|
You may not be in the minority in this thread (!), but given the fact that you are completely unable to listen to the words of the other side of the coin, I would agree with the notion that you should venture to those other sites.
Quote:
|
Originally Posted by noppid
You lost me at... "I find this offensive" and then went on to say you "don't give a shit", Revan.
|
And you lost me at the point where you completely ripped those two sentence parts out of context and try to fabricate your own little meaning so that you can carry on a dead argument.
What Im saying is what I wrote in the above post, what would you do if an administrator of WebHostingTalk joined your forum and demanded to be an Admin (even if you don't need admins) just because he knows how to administrate forums? Would you, like I said, give a shit about his experience?
If they are so goddamn excellent at coding, why don't they release something?
Quote:
|
Originally Posted by noppid
Actions like that are the pinnacle of the problem.
|
No noppid, the pinnacle of the problem is that users who show no interest in improving this community
whatsoever come waltzing in here and
demand to be treated as equals (I mean this in ways of recognition (ie coders discussion forums), not as human beings) alongside those who
do contribute. A ridiculous idea which has been long pronounced dead, but which somehow keeps getting flogged by people like you and that guy above whos name I wont even try to spell.
Quote:
|
Originally Posted by noppid
License holders should not be supject to segregation nor such elitist demeaning attitudes. .org is either an open development enviorment or not.
|
Oh for the love of all that is holy, this is a sodding FORUM, not a concentration camp! You are blowing it so way out of proportion, it's a wonder you still have the slightest idea about what the core of the matter is.
To everybody who is going to argue this post,
please actually answer my quotes in their fullest, instead of cutting out bits and forming your own idea of what I said. Read the message. Read the message. Read the message.
It is becoming increasingly difficult not to insult people who can't seem to read a message in context, and I don't know how much longer I can go on. And the minute I pop, the thread gets closed. And if the thread gets closed, you'll have to repeat your counterproven statements in a new thread.
Nobody wants that, ok?
More Information