QUOTE(chrisoff @ Thu 28th July 2011, 8:18pm)
Giano, my hero! Dear clear sighted one!
In this case Giano is pursuing what is probably the least likely explanation, and is ignoring several more plausible explanations. Security for the mailing list was just bad, and anyone who (a) understood computer security and (b) knew how the Mailman software worked would have known this. The problem is that the people who did know this (a couple of Arbs, possibly, and most of the developers) didn't bother to fix it until after the big breach. Which is pretty much human nature, unfortunately.
And it is entirely plausible that the devs were warned, and they just decided that bots and widgets and new tools for fixing capitalization errors were more important.