QUOTE
In this case Giano is pursuing what is probably the least likely explanation, and is ignoring several more plausible explanations. Security for the mailing list was just bad, and anyone who (a) understood computer security and (b) knew how the Mailman software worked would have known this. The problem is that the people who did know this (a couple of Arbs, possibly, and most of the developers) didn't bother to fix it until after the big breach. Which is pretty much human nature, unfortunately.
And it is entirely plausible that the devs were warned, and they just decided that bots and widgets and new tools for fixing capitalization errors were more important.
I don't buy it. There's at least one arb that acts very techie on other sites, is a checkuser and such, and they NEVER worried about email security of "personal, sensitive" info that arbs, those supposedly trustworthy beings, happily gossip about among themselves? Giano is on the right track. Tabloid material.