A couple of days ago, a community member (I will not name him here) posted a Blog entry in the ABAP space, “teaching” how to modify standard programs without a registration key.
My first reaction was to write a comment which went something like this:
“There is an easier way to do this, but I will not tell you because it’s harmful and should not be encouraged”.
I also rated it 1 star and would have disliked it (or voted down, stacko verflow style) if there was such option.
I then went to Twitter to express my dislike, shortly before I noticed the moderator had deleted such post, an action classified by myself as “great”, for which some people, most prominently Tammy Powlas, agree with me.
Not much later, Ethan Jewett engaged in the convo, basically arguing such kind of posts should not only be allowed, but classified it as “community service” as it evidenced well known vulnerability, which should be tackled by the competent people (basis, security, auditors). He also argues the information will be available anyway, so it’s better it’s here in SCN where reasonable people could provide some guidance.
I think it’s my duty as a community member to help prevent other members to act in ways that may harm their systems (and even could get them fired). I know tons of these dirty tricks, but I keep them to myself, only sharing with people I really trust and know will not make any mess with it. If I believed this kind of stuff should be spread, I would have wrote it myself (the better version of course).
Another thing I strongly disagree is the notion that SCN is the place for such articles. No, it’s not. We are in a SAP domain. Here we should share best practices, good advices. It’s a place for quality content (although there are lots of not so good stuff around, including anything I have ever written and anything I will ever write).
Also, RTFM. Just after my comment on that blog, Jürgen L posted the link directing the author to read the doco so he would understand why such behaviour was bad. We don’t encourage people to use unreleased FM. Or to modify standard objects (even with a registration key!). We don’t encourage SQL injections. We don’t encourage our peers to act against the good health of their systems (and SAP warranty).
OR, as Google says, “Do no evil”.
Your opinion, please?