So to role the discussion here is some response to some rcrsn51 comments (not necessarily directed at him).
The standard reply by many other people was the that for some time (years?) the default was not a security problem. And is not!rcrsn51 wrote:1. Many people complained about the icanhazip issue. The standard reply was "It's not a security problem. Don't worry about it."
BTW did you ever notice what your browser is doing the first time you run it?
Why is a compromise to offer the option And why only the people worrying must be respected, specially when it only takes a click to get their false sense of security.rcrsn51 wrote:2. Eventually, the "compromise" was to add a checkbox, but set it ON by default. This struck me as petty and disrespectful of people's concerns.
Two points, there is no "resistance" in anything, some have different views on the "functionality vs risk" equation. Second "no-one really cares enough" is the most likely reason for the lack of discussion on such a trivial issue (yes pinging a site like icanhasip is trivial when it comes to security).rcrsn51 wrote:3. Then suddenly, Iguleder added a line to woof that turned the checkbox OFF, and not a SINGLE person commented. Apparently, all the community members who had previously resisted any change had nothing to say about the final solution.
The option is still there and it still takes a click to change it to your liking. If this discussion makes people "rediscover" it and complain the other way around may as well revert to "on".
(And here is the important part, at least for me)
How can you question the transparency when everything is up in s public repo, including the discussions.rcrsn51 wrote:Personally, this raises some questions about the decision-making process in woof and its transparency. But as I was once told, "Anything in woof is fair game."
But quite frankly very few people, besides the usual 3-4 suspects, offered any input or even watching what is happening. Are you actually following any of the discussions and what is happening in Github?
Now regarding "decision making process", woof is a puppy building infrastructure. Decisions are related on how to make this easier/better (see a relevant recent issue) though there are even "heated" debates on other issues.
However, the actual puppies and their content is the work of the puppy builder. AAMOF less than 2% of the code in a puppy comes from woof.
Regarding possible other non-technical decisions, see above about "community participation"...
So,
Although puppy/woof/linux/FOSS is mostly a doocracy and the standard response is "put your code were your mouth is", I think that no one was ever harmed by constructive criticism and suggestions, and if not, everyone enjoys once in a while a flame war
Feel free to take this thread anywhere it goes
Either way lets have it
Latter: Edited grammatically (though I'm sure has few more issues )