[ic] Credit Card Info

Mon Nov 5 20:23:01 2001

Quoting Robert Trembath (robert@ishoptech.com):
>  I don't feel we (not I) should have to pay for code modifications that
> RH said would be part of the feature set.

Neither Red Hat or I have NEVER said that unencrypted credit card
numbers would be a part of the feature set. I challenge you to find
where we did. In fact, in the face of constant pressure, both Red Hat and
I have consistently said the opposite.

I have turned down consulting contracts that required that I store the
unencrypted CC number in a database on a net-connected machine.

It is true that by default I set the EncryptProgram to "cat" for years.
I am sorry for that. But my stated position has always been that
encryption is necessary. All I did was enforce that position in
the code as it became clearer and clearer that we would be negligent
if we didn't.

I have no problem with you doing whatever you want. However, I do
have a problem with you handing an Uzi to a 4-year-old (slightly 
exaggerated analogy, but fits with someone elses previous one).

I asked you not to post the not-recommended workaround to the
list. You did it anyway. Therein lies my problem with it.

I have removed the post from the archive. I ask it not to be
posted so that it will not be archived to let the clueless 
fling unencrypted credit card numbers about.

Also, I have a problem with *all* the messages you posted. Each one got
bigger and bigger, as you left the quoted text on the bottom in an
almost undecodable state, sigs and headers and all, not bothering to
trim or show context. Actually, that is why I didn't get involved
in the thread until it became longer. I ignore 95% of messages
that have lazy quoting.

By the time your message was posted, with actual content of 50 lines
or so, the message was 480 lines. 

> This is open source, don't we all contribute to make the product better?

Some are givers, some are not. Most don't contribute in any measurable
fashion. I have no problem with someone downloading code at all. I have
downloaded many packages and used them for free. I have not often given
back to other projects. I am in the majority there -- according to a
paper I read a long time ago, 80% of users of a package don't subscribe
to its associated mail list even for the first time.

I also have no problem with asking questions, though like many people I
almost always prefer to research the questions myself, as I learn so
much more from it (often in unrelated areas).

I do have a problem when the questions and responses are lazy and
slipshod. I don't usually sound off about it, but I am very much like
described in ESR's document. If someone doesn't value my time enough to
craft the question and trim the garbage when it moves to a thread, I
don't feel at all like answering it. And I usually don't.

-- 
Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
phone +1.513.523.7621      <mheins@redhat.com>

I have a cop friend who thinks he ought be able to give a new ticket;
"too dumb for conditions".