Comment 100 for bug 885027

While I fully agree that any form of vulnerability should be fixed, I think many here are doing Kovid wrong.

a) He is providing the currently greatest piece of software for ebook management for free, donating large portions of his free time into the project

b) Giving full support here and on the mobileread.com forum

c) Has the full right to be proud of his work and initially doubt and/or question vulnerability reports from an unknown source

d) Has shown that he is willing to learn and improve once he was convinced that people like Dan Rosenberg and Jason A. Donenfeld are really experts in their profession and know what they are talking about

The three main actors (Kovid, Dan, Jason) had a very emotional and kind of non-constructive start (for me attributable to all three - no offence meant) but it turned to the better. Kovid initially being very usability minded while Dan and Jason being completely security minded they came to a more mutual understanding during this discussion.

And given the nature of a discussion, defending once position until being convinced is just normal. Exaggerated and insulting comments like "treating users with disrespect", "I will uninstall Calibre...", "Perfect example of how not to react to bug reports" are neither appropriate nor justified.

From my side a big "thumbs up" for Kovid, Dan and Jason and many thanks for your contributions to the Open Source world.

Kind regards