LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

UK govt not completely tech idiots after all

UK govt not completely tech idiots after all

Posted Nov 21, 2008 17:43 UTC (Fri) by Tet (subscriber, #5433)
In reply to: UK govt not completely tech idiots after all by rwmj
Parent article: SSH plaintext recovery vulnerability

there exists a UK government run agency for protecting infrastructure that seems to actually have a clue.

From the OpenSSH security advisory:

Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, we are unable to properly assess its impact.
Not telling the world at large the intimate details of the vulnerability is one thing, but not sharing them with those who wrote the code and would like to fix it? Bizarre. I think I'd only go as far as them having half a clue.

(Log in to post comments)

UK govt not completely tech idiots after all

Posted Nov 21, 2008 19:34 UTC (Fri) by lysse (guest, #3190) [Link]

I fear that's down to bureaucratic idiocy, rather than technical idiocy. The UK remain a world leader in that department; we never saw a list of rules we didn't want to apply right down to the tiniest little letter.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds