Showing results 1 to 6 of 6

Thread: Please donґt end this great project

  1. #1
    New User
    Join Date
    07.05.2004
    Posts
    2

    Default Please donґt end this great project

    thank you for one of the best free programs on the internet. Please donґt let yourselves be discouraged by copycats and imbeciles outthere, who think they can steal your code and publish it, and get away with it. I am one of many who enjoy your free software, and I think its perfect the way it is.
    I hope you will continue to develop this and release for free, for personal use.

    Best Regards

    Mr_Ed :wink:

  2. #2

    Default Go on

    I am aghast, and join the writer above, ask you: do not cease.
    We love you !

  3. #3

    Default

    What the heck happening ?

    ShareReactor got closed , BuckTV started to fight amoung themselves , DoD and FairLight got shut down by police , now this ...

    Please don't go ...

  4. #4

    Default

    What exactly is the problem with showing the possible vulnerabilities, security flaws, or design flaws (in one's opinion, that is) of any given existing software ? It takes skills, particularly if it regards architecturally complex, multi-faced pieces of software like DT.

    I don't think that the community is bothered by this in itself: my humble opinion is that the reaction is quite exaggerated and partly ignited by the DT coders themselves, who're trying to turn the guilt for their own design flaws onto someone who points them out. Ever heard of bugtraq ? That's exactly what i'm talking about. I'm not trying to be overly polemic here, i'm absolutely curious though, about what the problem really is. I firmly believe that you should not attack the writer of the analysis personally, since he merely pointed out existing architectural flaws, for whom he was not responsible.

    I've not seen a valid point according to which the life of DT is threatened. The community, i repeat, has no reasons whatsoever to be worried, and the tool itself has everything to gain from a security/vulnerability standpoint. DT coders know this, and protectionists know it as well. And dont toss morality in, for god's sake. This is a chance to grow up, not to be damaged.

    So exactly, what IS the problem ?

    yours curiously,
    negator

  5. #5

    Default

    There is nothing wrong with finding bugs/flaws. It is expected that if it is something of "sensitive" nature, you discuss with developer in private. Imagine if every single security flaw ever found in windows was posted first in the public domain... If developer does not take you seriously, then this is different. This user never talked to us in private, so we had no chance to address his concerns.

  6. #6

    Default

    like Andareed already mentioned, it is important to inform the
    Authors before you post it anywhere or otherwise nobody should
    complain if securityprobs like lsass or in general dcom/rpc-remote
    attacks are posted on bugtraq BEFORE you get a chance to receive
    the patchs. This behaviour could nicely be watched on phpBB.com,
    where every now and then f.e. SQL-injections are posted without
    inform the authors at phpBB. Additional, we're not talking about
    security-probs here, so this information is, to be honest, absolutely
    useless for every user. If you don't believe me, then I would say please
    decide it for yourself, as soon as corrected report is back, I post a link
    to it's new location. Then come back and tell me what you've learned,
    after you read it and were it helped you(!) to improve DT.
    We agreed to the re-posting of the corrected article. Nevertheless, even
    now we didn't share the opinion of the author, but we want peace and
    that's it.
    I think, nobody has the right to tell other people what they must do.
    If we were lazy and it's security related and people's data are in danger
    because of DT - ok! Then I agree to you. But this isn't the case here.
    So your argumentation is simple incorrect in this case.

    It was simple a private war between two persons.
    The author of the report confirmed that it was not his intention to harm
    Daemon Tools at all, it was he feared we didn't take him
    serious. After all the fuss, I would say we never can find out anymore,
    can we? At least we agreed to the new report, so it seems we're no ass-
    holes or guys who are arrogant and don't want to show public what
    Daemon Tools do.

    A PERSONAL notice: I'm able to RE for myself and I know many people
    which are capable of. But I think this doesn't give me the right to every-
    thing, I would ask nicely before I post it. Only exception: it is security-
    related and author doesn't respond to me within an acceptable time.
    But, this is my PERSONAL opinion. You can decide for yourself what YOU
    would do if in similar situation, I leave the decision to you...

    We talked with the user and a new report was created.
    When it's available, I set link so all of you can take a deeper look at it.
    However, future versions of DT will be completely different and believe me
    - I mean what I say. Nevertheless, we thank the user for his hints.

    The Daemon Tools Team

Bookmarks

Posting Rules

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •