[Asterisk-Users] Broadvoice asterisk patch

steve szmidt steve at szmidt.org
Wed Nov 10 19:57:18 MST 2004 

On Wednesday 10 November 2004 09:35 pm, Tom Lahti wrote:
> At 02:39 PM 11/10/2004, you wrote:
> > >In any case, the patch has been positively identified as being genuine.
> >
> >Which one? Anyone who got an email like that?
> >
> >Get the point? :)
>
> Holy beating a dead horse, Batman.

To some it's a dead horse, unfortunatley for many it aint.

> No one is suggesting that because person X read and understood the patch
> that it makes it a fearless install for anyone who receives anything
> claiming to be the patch.  It makes it a fearless install for person X
> *only*.  If person Y wants the same peace-of-mind, he has to read and
> understand it himself.

Well, I wish I had that experience. What I see everyday is people being too 
lazy to find out for themselves and just following the loudest 
recommendations. Even if from a known fool, as it appears to be easier than 
to check it our for yourself.

> Since (a) asterisk is not Broadvoice's product, (b) Broadvoice does not
> even officially support asterisk, and (c) asterisk is an open source
> project, the *only* appropriate action they can take is to email a patch.

I guess I don't agree with you on that either as I could see a few different 
ways.

> They are a business trying to earn a living on their own products and they
> did what they did to alleviate their OWN problem and save their OWN
> network, the rest of it be damned, which is totally appropriate for any
> for-profit business.
>
> They could just as easily have said "screw you asterisk people" and
> disabled asterisk's ability to register with their servers and not done
> anything about asterisk's lack of ability in the registration area.

Yes, they could. Still does not make mailing patches an ideal way of doing it.

> Now, thanks to their effort, we have an improved asterisk with greater
> ability and compatibility.  Since noone else has said it, I'll say "Thanks,
> Broadvoice.  We're glad to have you contribute to the asterisk codebase,
> and good work!"

You know, I'm sure they are decent people. (Giving them the benefit of doubt 
since I don't know them.) But surely they made a business decision. Realizing 
there's a big potential with all these Asterisk people. This does not mean I 
don't also see it as a thing to appreciate. I think both sides can be right 
on this one.

But it'd be more wrong for not pointing out what IS a bad way of doing it. 
Unless they are made up by a bunch of insecure kids, they will no doubt take 
it for what it is, a notice about something they did which is insecure.

Too many people are afraid of "rocking the boat" by speaking up and so sit 
quietly watching it take in water through a hole. Look at the whole microsft 
mess. They got most of the computer world in hock over the same issues.

-- 

Steve Szmidt

"They that would give up essential liberty for temporary safety 
deserve neither liberty nor safety."
                                Benjamin Franklin

More information about the asterisk-users mailing list