From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1H7cOP-0001kz-N2 for garchives@archives.gentoo.org; Thu, 18 Jan 2007 18:53:46 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.8) with SMTP id l0IIpwfe013110; Thu, 18 Jan 2007 18:51:58 GMT Received: from poseidon.rz.tu-clausthal.de (poseidon.rz.tu-clausthal.de [139.174.2.21]) by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id l0IIpwc7013210 for ; Thu, 18 Jan 2007 18:51:58 GMT Received: from poseidon.rz.tu-clausthal.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 37DE8205B16 for ; Thu, 18 Jan 2007 19:51:58 +0100 (CET) Received: from tu-clausthal.de (poseidon [139.174.2.21]) by poseidon.rz.tu-clausthal.de (Postfix) with ESMTP id 1298A205A08 for ; Thu, 18 Jan 2007 19:51:58 +0100 (CET) Received: from energy.heim10.tu-clausthal.de (account wevah [139.174.241.94] verified) by tu-clausthal.de (CommuniGate Pro SMTP 5.1.4) with ESMTPSA id 19962706 for gentoo-amd64@lists.gentoo.org; Thu, 18 Jan 2007 19:51:57 +0100 From: "Hemmann, Volker Armin" To: gentoo-amd64@lists.gentoo.org Subject: Re: [gentoo-amd64] Re: MAKEOPTS values for Athlon 64 X2 Date: Thu, 18 Jan 2007 19:51:57 +0100 User-Agent: KMail/1.9.5 References: <146611.34328.qm@web31602.mail.mud.yahoo.com> <200701181712.53640.volker.armin.hemmann@tu-clausthal.de> In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-amd64@gentoo.org Reply-to: gentoo-amd64@lists.gentoo.org MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200701181951.57459.volker.armin.hemmann@tu-clausthal.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Virus-Scanned: by PureMessage V4.7 at tu-clausthal.de X-Archives-Salt: 9dfd0c46-9cb9-4957-bddb-2c02dc399ba8 X-Archives-Hash: d8c6ec53b5259aa6711128312db6d1ca On Thursday 18 January 2007 19:41, Duncan wrote: > "Hemmann, Volker Armin" posted > 200701181712.53640.volker.armin.hemmann@tu-clausthal.de, excerpted below, > > on Thu, 18 Jan 2007 17:12:53 +0100: > > So much text from you, but where is the 'I was wrong, sorry'? > > > > Even if nvidia should have recognized the bug as a serious problem the > > moment it was reported, they delivered the bugfix in 3 month, 3 days > > after they got informed that it was security problem. And they did not > > 'cover it up'. > > If I am demonstrated to be wrong, I say it, but it hasn't happened here. > It WAS a security vuln, and as any such unhandled crash from native code, > they should have treated it as a potential security vuln from the moment > the found it until it was fixed or proven otherwise. > > As for time to a fix, the point is, regardless of how long it actually > took, if the software master (see the sig) has respect for his users and > makes source available, any user can either create a fix or arrange for it > to be created. As it happens, in something that widely used, precisely > /because/ the source is available, a decent share of such bugs (which we > both agree happen in all non-trivial software) in the FLOSS community are > fixed in rather LESS than "three months, three days". However, that's > beside the point, since any user of such software who thinks such bugs > aren't being turned around in a timely enough manner can arrange for a fix > themselves, or simply apply a patch if someone else has already done so. > Since it was slaveryware, that option wasn't available and a slave subject > to master NVidia's whims and decisions on timing, unable to take their own > needs and priorities into consideration and arrange for a fix sooner if > they thought necessary, is /exactly/ what the users were. > > What if NVidia had taken a year to come out with a fix? What if they > decided it wasn't worth their trouble and never came out with a fix? If > it's Free software, there's an alternative, should the user wish to avail > themselves if it. With slaveryware, that's exactly what the user is, a > slave to the whims of the software's master. I make it a point to no > longer be a slave to the whims of the masters of the code I run. That > doesn't mean you have to, it just means I do. > > As for using the term slaveryware in my posts... You don't tell me how I > feel about the software I believe is slaveryware and label it so in my > posts, and I'll not insist you call it slaveryware in yours. After all, > if you find my choice of terms offensive, you don't /have/ to read them. > There /is/ this thing called a killfile, should you find it necessary to > use. Call it heavenlyware in yours if you wish. Deal? =8^) > > (Oh, and backing someone into a corner by demanding an apology doesn't > tend to be a very effective way of actually getting one. Let's not make > this too personal, and agree that we /can/ disagree. It's not as if the > world comes to an end because of it, after all. =8^) > > -- > Duncan - List replies preferred. No HTML msgs. > "Every nonfree program has a lord, a master -- > and if you use the program, he is your master." Richard Stallman to long, did not read. Stop preaching. And I showed you, you were wrong. YOU said, they tried to cover it up. They did not. As soon, as it was known to be a vulnerabilty, it was fixed. In three days. So your whole attack was nonesense. That said, a lot of vulns are not recognized at first, because not everybody is a security guru. Like the Xorg render vulnerability. Crash in render, Xorg's fault, open to exploit. Despite the fact, that xorg is open source. And despite the fact that everybody could read the code, it took a long time to find it. Stop using the word 'slaveryware' or I might use 'that zealot' when I am talking about you. Slaveryware is offensive and demeaning. Everytime you use it, you should apologise to everybody who had the bad luck of reading it. I am sorry that I am using that term just now. Please forgive me. And killfile is not an option, you are sending lots and lots of your sermons to the ml. In fact, almost all mails of you end as a sermon. Sometimes, someone just had to ask for a break to show, that YOUR point of view is certainly NOT the one of everybody else. -- gentoo-amd64@gentoo.org mailing list