Re: Re: bleeding nessus

[Gadi Evron <ge () linuxbox org>]

Renaud Deraison wrote:
> Gadi Evron (ge () linuxbox org) wrote :
>
> > I believe (I am naturally, delusional) that you (Tenable) did
>
> > indeed put your name on plugin(s) you did not write.
>
> Gadi,
>
> Please back up your claims. As the person committed over 99% of the 
> plugins which are in the CVS repository, I'm simply insulted by what 
> you're saying.

I am insulted by much of what you are doing since the license change, so
we're even.

And if one person committed 99% of the plugins, we are in a worse state
than I figured.

> Please list the plugins whose (C) we have modified, please list the 
> websites that we have "squashed" with the original plugins, I'd be  very
> interested seeing them.

I never said websites.

> We _never_ change the name of the authors of a plugin. Leaving ethics 
> and law aside, that would be a very stupid move: not only it's not  like
> there's a shortage of vulnerabilities to write plugins for, but  if the
> human being who wrote the plugin originally actually  discovered that, I
> guess he would (rightfully) talk about it on every  public mailing list,
> including the Nessus mailing lists (which are  not moderated). If
> someone is smart enough to write a plugin, he's  probably smart enough
> to complain when he sees his work being stolen.
>
> When someone submits a plugin, I _never_ touch the script_copyright() 
> call. Even when I end up fixing all the plugin code and only keep the 
> description part of the plugin.
>
> I also pointed out numerous times that if people do not trust us (or 
> me), they can submit their plugins to the plugins-writers mailing  list
> so that everyone can see who submitted what.

Refer to earlier email messages. It's time to move on.

I have a strong suggestion. How about I do take everything back, and you
start a new community and mailing list, based on neutral territory? We
can ask the guys at bleeding snort, whitehats or some of the sort to help.

Then you can ask people to email their GNU plugins there, to be admitted
to the CVS repository, and if you like them, you can take them into
yours. That's how communities start - rather than by censorship.

Then you, according to your claims, would be happy - and so would I.

> What you're doing is slander and libel - back up your claims or STFU.

I do apologize if I hurt you - personally, as slander is the last thing
I intend.

I'll email details in *private* when I get time, or John will ping me to
do so. Then again, I am considering taking this back as you guys won't
supply anything on your end.

Anyway, there is an Hebrew phrase that goes, roughly: "On the head of
the thief the hat burns". Kinda.

If a guy like John works for you, you can't be all bad. Maybe you should
think of what I said, as well?

        Gadi.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave