Subject: Re: FUD about CGD and GBDE
To: Frank Mayhar <>
From: David Maxwell <>
List: tech-security
Date: 03/04/2005 12:25:56
On Fri, 04 Mar 2005, Frank Mayhar wrote:
> Thor Lancelot Simon wrote:
> > [Unimpressive ranting elided.]
> You know the really great thing about open source?  If you are really, really
> convinced that the code in question is broken, YOU CAN GO AND FIX IT.
> Ahem.  Excuse the yelling.
> So far, the only _code_ I've seen has come from Poul-Henning.  If you think

Hi Frank,

I recognize your name from the Dragera list, btw.

Actually, in _NetBSD_, the _only_ code is CGD. So, your comment doesn't
make a lot of sense when posted to a NetBSD list.

> that it needs improvement, go improve it.  If you just want to rant about how
> broken it is, well, that's up to you, but it doesn't belong on -hackers or
> any of the other tech mailing lists.
> You go off and use CGD or some other package, perhaps of your own design.
> The rest of us will get along without you somehow.

Yes, Thor has an antagonistic email style. Don't let that cause you to
ignore his valid points about the cryptographic issues with GBDE.

> This whole anti-PHK/anti-GBDE thing smells strongly of NIH syndrome and
> personal animosity.

I actually haven't read the thread that way - I think that's your
interpretation, not the actual content.

That comment actually feeds into some of Perry's remarks. If people get
defensive about their code, saying things like "You have something
against PHK personally" or "You just have NIH", and use those attitudes
to ignore valid criticism, then the common good is not served.

David Maxwell,| -->
All this stuff in twice the space would only look half as bad!
					      - me