Thread: Sending of Hacks to the Graveyard
View Single Post
  #118  
Old 07-26-2007, 08:08 PM
quiklink quiklink is offline
 
Join Date: Jun 2007
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by hambil View Post
Consider for a second that most uninstalls remove data from the database. Now consider that you have to deal with numerous angry and confused users and explain to them that the data they spent months, perhaps years, building and collecting has just been wiped out because they acted on advice to uninstall for a problem you could have fixed in 5 minutes had you been given some advanced warning. It costs real time, and yes, if you don't work for free then real money, to deal with that mess. It's also very upsetting to the users. Beyond that, there are numerous already stated reasons to tweak the process from how it is done now, and even the staff agrees, which is why changes are being discussed.
None of which has anything to do with or justifies leaving the end user vulnerable.

You say it their data can get wiped out, yes it can if they haven't backed up. That's the end user's problem not yours. Then again if they get hit due to the vulnerability while waiting for a fix they can run into a lot worse problems. I have no problem with changing how the user is notified and what they are told, it's a good idea. But it's never a good idea to leave them vulnerable. I mean how long is an adequate time to wait? What happens if the coder doesn't get the message about the vulnerability immediately because they are away from their computer, out of town, asleep, can't be bothered to update the code, etc? The end user is forced to remain at risk which is unacceptable.
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01184 seconds
  • Memory Usage 1,764KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete