
How can you be sure?


Posted Sep 11, 2008 16:04 UTC (Thu) by khim (subscriber, #9252)
In reply to: The Fedora-Red Hat Crisis (Datamation) by bojan
Parent article: The Fedora-Red Hat Crisis (Datamation)

> I don't think that's a problem at all.

Puhlease.

> I'll bet $5 that if the root cause of the intrusion was something that required patching upstream (and it may be completely non-applicable), Red Hat folks would already be on it.

How? "Here, please take this patch: we can't say why you should apply it or how it will work, but you SHOULD apply it" - like this? As others have said: they can't talk about things that went wrong, they don't want to talk about boundaries (what they can say or cannot), etc. This will SEVERELY impede interaction with upstream. Will it make it impossible to send the patch and get it accepted? Who knows. But I'm not holding my breath...

> After all, they run and live on open source software - why on earth would they want something like that to go unpatched for the rest of us? After all, many of us are their customers.

The same logic applies to disclosure about the current situation. They used RHEL and Fedora systems to handle that, right? They were set up by the best professionals available, right? And they STILL were compromised - so probably the same story can be repeated around the world again and again... Disclosure can hurt Red Hat but will help customers - exactly as in the situation with the patch for upstream...


How can you be sure?

Posted Sep 11, 2008 22:32 UTC (Thu) by bojan (subscriber, #14302)

> we can't say why you should apply it and how it will work, but you SHOULD apply it

Say, for instance, it was a kernel problem. They can submit a patch that says: "such and such was fixed, which caused privilege escalation". This does not contain the information about the actual intrusion into their systems, but it is a genuine patch with a genuine explanation.

> And they STILL were compromised

It doesn't necessarily follow that a security bug was the root cause of this.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds