Full Disclosure mailing list archives
Re: Right, or wrong?
From: Steven <hairpinblue () yahoo com>
Date: Thu, 9 Aug 2007 01:07:12 +0000 (UTC)
On Tue, 07 Aug 2007 17:46:51 -0400, Jared DeMott wrote:
Is it morally right, wrong, don't know, don't care, good business, bad business, etc.? Either way we're moving away from that model, but I was just curious how others on FD see it.
That depends on how much I paid for the software and what kind of license it has. If I paid money for the software and I find a bug then I've become a free beta tester. Nobody else works for free. Why should I? I advocate the model of notifying the vendor, give them a standard galactic week (or a few business days) to respond and, if negotiations aren't to my liking, put the bug on a public list. The interest here is not to wreak havoc but to apply a force feedback sending two signals to proprietary vendors: ) write better code and ) pay for your beta testers. If the software came gratis, free, open, share, trialware, crippleware, or CCGMS-Orchidware then I accept some responsibility for being a contributing beta tester. In this scenario there is some moral obligation to ensure that the vendor is the first to know of the bug. If I find a bug and my coffee was good that day then I'll send a notification to the development maintainers. If my coffee sucked or if someone forgot the sprinkles on my donut then I keep the bug in my own personal files until I feel like disclosing it. If the vendor does not acknowledge the bug within a standard galactic week (or a few business days) then it goes on a public list. If the vendor does acknowledge the bug then, as a contributing beta tester with a somewhat moral obligation, I would make an honest effort to keep the bug under wraps until it has been fixed. If tomorrow's donut is still missing sprinkles, though, it may become progressively more difficult to keep the bug quiet. I tend to talk more at the water cooler when my donut has upset me. I think that's part of being human. In anticipation of people asking about personal info, or bank records, or a bug that suddenly brings down the power grid of the entire world and launches all of the nuclear warheads: Hey, dumbasses, maybe someone should've thought about that before siphoning millions of dollars into, endlessly promoting, and ensuring the business success of pure crapware vendors and crap platforms (such as endlessly extensible HTML) for the sole purpose of monetary profit. It's hardly my fault if mankind's idiocy and greed results in its own extinction. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Right, or wrong?, (continued)
- Re: Right, or wrong? Robert Kim Wireless Internet Advisor (Aug 07)
- Re: Right, or wrong? Sol_Invictus (Aug 07)
- Re: Right, or wrong? Brian Eaton (Aug 07)
- Re: Right, or wrong? Sol_Invictus (Aug 07)
- Re: Right, or wrong? Thierry Zoller (Aug 07)
- Re: Right, or wrong? monikerd (Aug 08)
- Re: Right, or wrong? Fixer (Aug 08)
- Re: Right, or wrong? Byron Sonne (Aug 08)
- Re: Right, or wrong? Valdis . Kletnieks (Aug 08)
- Re: Right, or wrong? Byron Sonne (Aug 09)
- Re: Right, or wrong? J. M. Seitz (Aug 09)
- Re: Right, or wrong? Valdis . Kletnieks (Aug 08)
- Re: Right, or wrong? Robert Kim Wireless Internet Advisor (Aug 07)
- Re: Right, or wrong? Steven (Aug 08)
- Re: Right, or wrong? ireadit (Aug 08)