On Fri, 2015-04-10 at 09:07 -0400, James B. Byrne wrote:
On Thu, April 9, 2015 13:12, zep wrote:
frankly, this blows my mind. not long ago there was a huge kerfuffle over the change to only allow (as someone defined it 'secure') certain passwords, requiring numbers, special characters, some minimum length and that -had to be done- because people didn't use proper passwords and couldn't be trusted to just use what was appropriate/correct for their environment.
now a completely reverse the position, plain text showing user names to the world (which has always been considered to be poor security at best) is just 'yeah, whatever you feel like doing. go ahead.'
User interface decisions are never driven by security. If security is mentioned then it is used as a fig-leaf to shut down dissent.
Security when applied to these sorts of decisions is the patriotism of the FOSS world. The last refuge of scoundrels who have no desire to admit error and wish no discomfort from making any.
The actual reasons for change usually come down to the aesthetic values of a small group of developers, or often a single individual, with the power to impose their vision on the rest of humanity. And the desire to do so. I cannot imagine why. . .
Seems RH, intoxicated by Fedora's wildest screwballs, has started to loose its purpose and its sense of direction. The constant problems with C7 updates is a nightmare for some dedicated Centos fans.