Re^2: Status of Recent User Information Leak

by Anonymous Monk
on Jul 31, 2009 at 18:10 UTC

in reply to Re: Status of Recent User Information Leak
in thread Status of Recent User Information Leak

"Thanks to all the gods for the hard work to handle this breach as gracefully as possible ..."

Um. I do not share such sentiments. Perhaps I am wrong, but it seems to me that the "gods" knew about the password being stored in plain text for a long long time and did nothing to alert us or fix the problem.

So, no. I don't thank them for this at all.

Re^3: Status of Recent User Information Leak
by gregor42 (Parson) on Aug 03, 2009 at 16:36 UTC

    Calling someone with a legitimate grievance a 'troll' simply because they make their point forcefully is simply inaccurate.

    I agree that this site is maintained by volunteers. I humbly thank you all for the years of effort that you have donated. I and everyone else here have enjoyed the free ride.

    I will point out that "free ride" means a very low expectation level.

    But are we not all software developers? Do we not practice what we preach? I do not expect us to provide the same level of service that a bank does - in a way I want MORE - since we are trying to set an example to follow.

    But again, 'volunteers' means that I do not get to expect that - as much as I would like it to be so.

    However - that the volunteers had the time to modify the voting and experience system but no time for security - is a damned shame.

    It is more embarrassing still when I read in TheRegister that maybe people will not trust Perl as much because of this.

    That strikes me as a larger problem.

    So has anyone volunteered their time to work on security & fix the barn doors after the horses have eaten our children?

Re^3: Status of Recent User Information Leak
by Anonymous Monk on Jul 31, 2009 at 18:16 UTC
    Everyone who bothered to find out knew it was stored as plaintext; no claims were ever made to the contrary. Fixing this was in the TODO... I still thank them; they're volunteers.
      Kind of like how the hackers bothered to look into it?? This apologist attitude is tiring and counter-productive. Thank the people for the great volunteer work they have done and are still doing, but please don't apologize for the glaring oversights that also occurred. I mean, what are we, some large corporation concerned more about covering things up and figuring out how best to spin this?? I'm not sure what the beverage of choice is for Perl programmers, but I'm pretty sure it's not Kool-Aid!!

        I'm not apologizing. The outrage is what is tiring and counter-productive. I'm sorry you feel a free website owes you bank level security. Like a building with a high level of security, but once inside "personal records" are only secured by padlock. Did it promise you security from breaking/entering? No. They're not protecting your money, only one single word, your password. Ok, 3 words if you put in your real name. Be outraged at yourselves for
        • putting personal information into a random website
        • reusing passwords
        • confusing a random website with a bank or shopping site
        My outrage was deemed paranoia in the face of a horde of apologists. We need fewer anonymonk posts on this and to say it plainly: the conduct was not acceptable. My thank you's are hard to find when the persons I am supposed to thank are at fault to begin with. If a bank gave away your personal info and didn't notify you, but said they'd get around to fixing it someday, do you send them an e-card?

