LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The Fedora-Red Hat Crisis (Datamation)

The Fedora-Red Hat Crisis (Datamation)

Posted Sep 10, 2008 16:24 UTC (Wed) by ceplm (subscriber, #41334)
Parent article: The Fedora-Red Hat Crisis (Datamation)

Don't feed a troll.

(Log in to post comments)

not a troll

Posted Sep 10, 2008 17:14 UTC (Wed) by JoeBuck (subscriber, #2330) [Link]

This is not trolling. Read the article. It's responsible commentary by a friendly party.

I say this as someone who runs Fedora on all my home systems and RHEL at work. This thing was mishandled, and it raises serious concerns.

not a troll

Posted Sep 10, 2008 18:06 UTC (Wed) by salimma (subscriber, #34460) [Link]

At the same time, it's not really the case that Red Hat is trying to undermine Fedora; it's probably more that, in absence of a clearly-defined relationship between the two (including when it comes to shared computing resources), the natural reaction of a commercial company is to engage in damage limitation. Which unfortunately affects the Fedora leaders who are Red Hat employees.

The Fedora Board is taking this infrastructure problem as a wake-up call, which is a good thing. Whether this ought to have been anticipated is another question, but hopefully in the future this kind of issue would be handled better.

not a troll

Posted Sep 10, 2008 18:19 UTC (Wed) by JoeBuck (subscriber, #2330) [Link]

The author isn't saying that Red Hat's trying to undermine Fedora, rather, he's saying that the effect of the way this has been handled by Red Hat tends to undermine Fedora.

not a troll

Posted Sep 10, 2008 18:56 UTC (Wed) by rahvin (subscriber, #16953) [Link]

I disagree that it was mishandled. I believe the press release was a preliminary "we are starting an investigation" type release. In addition because RedHat is a public company they are obligated to call the FBI and report the breach and the FBI likely gagged them on revealing details so they don't become public and compromise the criminal investigation. I would bet at some point in the future after they understand the compromise, and after the FBI has concluded the criminal investigation that the details will come out, but not before then. The FBI is really nasty about people leaking details they don't want public, they have even gone as far as prosecuting people for interfering with an active investigation.

not a troll

Posted Sep 11, 2008 3:40 UTC (Thu) by vmole (guest, #111) [Link]

In addition because RedHat is a public company they are obligated to call the FBI and report the breach...

It would the SEC, I think, if this were true. But unless you can point at the law or regulation, I don't think it is. Which is not to say that RedHat wouldn't call the FBI, if they had some way of identifying the attacker.

not a troll

Posted Sep 11, 2008 4:12 UTC (Thu) by rahvin (subscriber, #16953) [Link]

There is no law that says they must, although they could have government contracts that require it as most Federal government contracts have such clauses and I don't doubt they have contracts with the Federal government. The reason I believe so strongly that they did is that the consequences both with the SEC and stockholders are extreme for not reporting such criminal acts against the company. There are many examples in history of such things not being reported costing companies millions in lawsuits and I wouldn't doubt, although I don't know of one personally, that there is at least one example that cost a company it's existence.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds