Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re:Flares and personal opinions
From: full-disclosure () lists netsys com (David Benfell)
Date: Sun, 14 Jul 2002 02:37:02 -0700

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, 14 Jul 2002 16:41:03 +1200, Nick FitzGerald wrote:
"Berend-Jan Wever" <SkyLined () edup tudelft nl> wrote:
Nothing personal dude, but ...
Nonetheless, I felt he raised some valid points, even if I don't
entirely agree with all of them.  Simply because this is an
unmoderated list does not mean that normal rules of list etiquette do
not apply.

Among them, as you pointed out, is the one about HTML e-mail.

Having participated in a few flame wars myself, I'd hate to simply say
that it's rude to flame.  If we didn't care, we wouldn't get mad.

And security is something to care about.

So I'll say this about flaming instead:  When you flame, at least say
something substantial.  Simply saying that something sucks really
doesn't cut it.  Explain why it sucks, so we at least have something
to argue about.

The posting about the anonymizing web sites is a classic example.  He
just said it's broken, with hardly any explanation of why it's broken.
He didn't explain his testing procedure, nor did he explain what
results he's looking for, contrasting them with the ones he actually
got.  Finally, he didn't explain how these results undermine their
utility in anonymizing web access.

Next, don't bother with old news.  Old news is old news.  It's dead.
Just because you can't bury it doesn't mean you should drag the rotten
corpse around and force the rest of us to take a whiff.

The postings about the Bugtraq lists are old news.  Those lists have
been around for years.  There's nothing new about how they're being
administered so we really don't need to hear your general complaints
about them here.

Notice I said general complaints.  If they're doing currently doing
something specifically wrong with a specific issue, that's fair game,
as long as you explain yourself.

Next, keep personal attacks to a minimum.  If somebody is being
stupid (as opposed to ill-informed), it's reasonable to whack them
with a clue stick.  But remember, we're here to exchange information,
so explain yourself.

Simply saying someone is a stupid dumbfsck is not nearly so impressive
an argument as explaining point by point why everything they said is
simply wrong.

There's an underlying theme here.  Explain your position.  You might
be right, you might be wrong.  Either, really, is okay, because even
when you're wrong, we can show where you're wrong.  Or maybe we're
wrong in thinking you're wrong, in which case, you can argue back.

We learn that way.

The idea is that there always needs to be substance.  As fellow
humans, we might care about your emotions, but as administrators and
programmers, we need information we can act on.  Your anger is not
something we can do a lot about.

My last point on flames would have to do with frequently asked
questions which are documented.  Remember that just because you know
where to find the answer to that question doesn't mean I do.  And
sometimes I can't figure out what search terms to use to get
reasonable results from Google.  Also, some documentation, including a
lot of man pages, seems to presume you already know the answer.

Good technical documentation is hard to come by, partly because most
technical writers are hacks working for marketing departments.
Documentation written by programmers, on the other hand, often suffers
for a variety of reasons.

So RTFM is often not an adequate response -- make allowance for that

When flaming, it is important to do it well.  Otherwise you may look
like the bigger fool.  And if done well, flames still contain valuable
information that can be useful in ferreting out the greater truth
surrounding any particular issue.

And that is why we're here.

David Benfell, LCP
benfell () parts-unknown org
Resume available at http://www.parts-unknown.org/resume.html

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.7 (GNU/Linux)



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]