QUOTE(chrisoff @ Thu 28th July 2011, 4:34pm)
QUOTE
In this case Giano is pursuing what is probably the least likely explanation, and is ignoring several more plausible explanations. Security for the mailing list was just bad, and anyone who (a) understood computer security and (b) knew how the Mailman software worked would have known this. The problem is that the people who did know this (a couple of Arbs, possibly, and most of the developers) didn't bother to fix it until after the big breach. Which is pretty much human nature, unfortunately.
And it is entirely plausible that the devs were warned, and they just decided that bots and widgets and new tools for fixing capitalization errors were more important.
I don't buy it. There's at least one arb that acts very techie on other sites, is a checkuser and such, and they NEVER worried about email security of "personal, sensitive" info that arbs, those supposedly trustworthy beings, happily gossip about among themselves? Giano is on the right track. Tabloid material.
They, like many IT professionals, fall into the trap of thinking 'security through obscurity' is...well, actually secure. It's not. The old setup was weak and horribly insecure, but they must have figured if no one could
see how flimsy the setup was they wouldn't know where to poke holes in it.
Giano just has to see ArbCom as villians actively plotting against him. It's the only way he can explain all the poop which has been dumped on his head over the years without admitting some of it, any of it, might just possibly have been brought on by his own self. Maybe I'm naive, but I've always lived closer to the adage: "Never attribute to malice what can be explained by stupidity."