Quoting Edward Bartolo via Dng (dng@lists.dyne.org): > Although, I was not present in the conferences, I can imagine what was > the problem. That prank was completely misplaced: as someone replied, > one does not joke with security.
Ordinarily, I am in agreement with this view, but _details matter_. So, no, IMO this is a wrong-headed argument when viewed in context, and in my view is harmful to the project. You're of course absolutely entitled to your opinion (just as I'm entitled to my opinion that your opinion is ill-conceived and actively harmful). Here is how I phrased the matter, quite a few days ago, on the #devuan IRC channel: 19:46 < redrick> And, for the record, I really liked the prank, too. 19:47 < redrick> Eh, wrong window. 20:00 < watchcat> heh 21:23 < redrick> watchcat: It was a comment directly to KatolaZ, actually. Although my view has shades of grey, to be honest. I've long worried about a major open source project being taken down by security exploit on or just before April 1, as that would be one of the times sysadmin response would be impaired, along with New Year's Eve, etc. 21:24 < redrick> This isn't even the first open source project claiming such a security breach. I've always responded with good security advice in case it's real but on a fake-seeming occasion.[1] 21:25 < redrick> Although in this case, the notion of intruders converting the compromised site to gopher was an adequate tip-off to anyone who stopped to think. Not a credible real-world outcome, ergo, nicely done on balance. 21:27 < redrick> So, on the one hand, I have sympathy to those who say it's uncool to do a prank about security breaches. OTOH, a total site conversion to gopher on 70/tcp? Really? 21:28 < furrywolf> if something is worth doing... :P 21:29 < redrick> It really almost qualifies as a moby hack. Huge points for style, in my view. 21:40 < redrick> IMO, the perfect April Fools prank is one that's presented in a completely, consistently deadpan fashion, but if you stop to think is ludicrous. BBC set the benchmark for that in 1957, in its report about the traditional spaghetti harvest in Switzerland. https://www.youtube.com/watch?v=tVo_wkxH9dU Callers to Auntie Beeb who asked for advice about how to grow their own spaghetti trees were told 'Place a sprig of spaghetti in a tin of tomato sauce and hope for the best'. That's the way to do it! And I see KatolaZ's prank as part of that worthy tradition. 21:43 < redrick> That clip is IMO worth the time of anyone who hasn't yet seen it. 62 years, and still hilarious. 21:51 < furrywolf> I've seen it. :) [1] On a quick search, I couldn't find an example of one of my private notes to project leaders claiming a major security breach just before or on April 1st, but here's an example involving a claimed major legal attack on open source institutions, that turned out to be a coordinated April Fools prank -- which poses a similar problem: Date: Thu, 1 Apr 1999 01:35:46 -0800 From: Rick Moen <r...@hugin.imat.com> To: edi...@bedope.com Subject: Clarification requested X-Mailer: Mutt 0.95.4i X-CABAL: There is no CABAL. X-CABAL-URL: There is no http://linuxmafia.com/cabal/ X-Eric-Conspiracy: There is no conspiracy. X-Eric-regex-matching: There are no stealth members of the conspiracy. Hello there! I'm an activist in the San Francisco Bay Area Linux community, and noticed that Arcterex (ufies.userfriendly.org), Illiad and his attorney Michael Scott DeWitt (www.userfriendly.org), Scott James Remnant (segfault.org). and Mike Popovic (www.bedope.com) all have almost identical notices on your Web sites. Assuming this is real, you all have my sympathy. But there's an unfortunate coicidence(?): It's April 1st. None of those four Web hosts says, so far, "Yes, we know it's April Fools Day, but we're serious. We're under real, serious legal attack." If you four are _not_ pulling off an April Fools prank in questionable taste, then it'd be (in my view) an excellent idea to specifically disclaim that intent. Immediately. I don't mean to add to your woes, if such they be. -- Cheers, "By reading this sentence, you agree to be bound by the Rick Moen terms of the Internet Protocol, version 4, or, at your rick (at) linuxmafia.com option, any later version." -- Seth David Schoen _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng