Skip to content

“Geeks in a Flamewar” Act 4

Dear Reader,

After my post this morning, I received an email from someone knowledgeable of the situation. being the hothead that I am, I usually don’t take instruction well but this particular person made some good points. First again, I reiterate this is my personal blog, not an organ of my employer.

First, it was pointed out to me that I have the time line wrong. I wish to correct that.

The correct order is:
http://www.owasp.org/index.php/PHP_Top_5

PHP Security Architecture


http://blog.php-security.org/

Second, I believe the example questioned by Stefan was a bad example. Programmers do use these examples to build real-world applications. Not that Stefan did anything to correct the bad example. He was more concerned with ripping apart the article than helping developers by providing a good example.

Finally, after re-reading the blogs and the comment cat-fight that ensued it is clear to me that I was unfair to Andrew. Andrew’s blog, while emotional and possibly poorly worded, does in no way rise to the level of the poison Stefan is spewing. I can only imagine what the emails that both parties allude to contained.

Andrew, please accept my apology.

However, I would like to reiterate my main point. These types of public fights do not further PHP. They serve only to divide the community. If you have a problem with a post, take it up privately. If you can’t resolve it privately, bring it to the community but do so in a professional manner.

I’ve now said more than needed to be said. This issue, like so many flamewars on the net, has gotten more press than it was worth. I’m now officially ashamed that I posted anything about it to begin with.

Until next time,
(l)(k)(bunny)
=C=

3 thoughts on ““Geeks in a Flamewar” Act 4

  1. Controversy is a good thing, if nobody stood up when they saw a problem (regardless of any issues they may have) then development would die.

    Just starts to suck when people start getting personal, and not evaluating the code but the presentation or other percieved ulterior motives.

    Flame on ;)

  2. Don’t worry about it – as far as I am concerned, this thing is over.

    At OSCON, I’ve met many of the fine folks behind PHP. I think they are fairly interested in finding someone to push the boundaries of PHP security. It’s just not their particular itch, but that doesn’t mean that they’re uninterested. In particular, I found out that Stefan does NOT speak for the PHP project, so that made me even happier.

    Did you catch my Ajax Security presentation at OSCON?

    Andrew

  3. Andrew!

    I didn’t even realize you were at OSCON. Sorry I missed you. Hopefully we’ll cross at a future conference.

    =C=

Comments are closed.