Advertisement
Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.
| |||||||||||||
|
| |||||||||||||
A more appropriate comparisonA more appropriate comparisonPosted Sep 11, 2008 15:28 UTC (Thu) by frankie (subscriber, #13593)Parent article: The Fedora-Red Hat Crisis (Datamation)
In november 2003 we at Debian had a similar intrusion. It appeared evident that the archive was not compromised almost immediately, and the first announce about the issue was done in a few hours. What appears evident is that the news was diffused on the -private channel almost immediately at least to all DDs on-line, at the time. For sure, I suspect RH folks had to verify that RH archives and infrastructure were not compromised as well, before releasing to 'external' entities and general public the news, due to possible implications in their business. This is a fact IMHO. And the concerns about relationships among Fedora community and the RH company cannot be neglected. They should be considered and managed in a structured and well-tought/open way. And similar concerns can be probably expressed for Ubutu vs Canonical, if not Debian vs Canonical (some DDs are also Canonical employees).
(Log in to post comments)
A more appropriate comparison Posted Sep 11, 2008 15:54 UTC (Thu) by jspaleta (subscriber, #50639) [Link]
For the future, we are hoping we can codify some of the structured relationship and flow of information in a generally applicable, publicly communicated, incident response policy. The Board minutes which the original article quotes from is the first meeting to discuss drafting of such an incident policy.
-jef
|
|
||||||||||||