

(Pidgin's) SSL support appears to have been written by a lobotomy victim - Arkanosis
http://developer.pidgin.im/ticket/15308

======
martey
Besides being rude, this clearly does not follow Pidgin's security
vulnerability reporting process:
<http://developer.pidgin.im/wiki/SecurityVulnerabilityProcess>

~~~
mike-cardwell
Yes, unnecessarily rude and offensive to the developer(s) who wrote it. If
he'd just used a more respectful title and removed the last sentence it would
have been fine.

~~~
leif
No, it wouldn't have been fine. If you find a security bug, you have to follow
the reporting procedures. Otherwise you're just making things worse. This
should not be in a public ticket.

That aside, I have a hard time seeing that there's any level of rudeness this
sort of code doesn't deserve.

~~~
theorique
Exposing a technically misguided decision as such is enough.

No need for the spluttering outrage and emotional editorial comment by the bug
reporter (to say nothing of the _ad hominem_ attacks on the programmer).

------
comice
"If you don't look carefully, it may appear that the NSS plugin doesn't do any
validation of the SSL certificates, but that isn't the case; the validation is
done, just not by the SSL_AuthCertificateHook hook."

------
exDM69
This bug report appears to have been written by a lobotomy victim who has had
their "communicating with humans" part of the brain removed.</troll>

It makes me so sad to see this kind of attitude. And usually (don't know about
this case) it comes from a person who does not contribute to the project.

Not everyone is a cryptographer. Although they should refrain from writing
crypto code, calling them "lobotomy victims" makes you sound like one.

------
colanderman
Why isn't libpurple, being a library, licensed under the LGPL, instead of the
GPL? If it were, then there would be no problem linking with OpenSSL if I
understand things correctly.

~~~
natrius
libpurple was not always separate from Pidgin (née Gaim). Relicensing is hard.

~~~
ioquatix
"Relicensing GPL code is hard." FTFY.

------
jeffehobbs
I read this entire article in my interior Comic Shop Guy voice.

------
illumen
Really insulting headline. flagged

~~~
chris_wot
It's a really insulting bug report!

