Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
Plus the fact that all of this was avoidable with even minimal attention to policy. It's not like they haven't had over five years.
Although I must say that it is ironic that you would champion the cause of disclosure. Had any good "infrastructure issues" lately? :-)
Weirdness at CentOS
Posted Jul 30, 2009 22:44 UTC (Thu) by jspaleta (subscriber, #50639)
So here we have a large group of CentOS developers saying that the project depends on developers to continue. If the developers aren't happy and the developers walk away...that would be a significant problem. CentOS is run by volunteers and everyone should keep that in mind...especially those people..like yourself perhaps.. professional who are making a business of leveraging the volunteer work when selling services to customers...without contributing back to that effort.
I use CentOS at work. Am I concerned that the developers are going to enmasse up and quit. Nope. Will CentOS go through a re-branding and a domain name...maybe. The trademarked name CentOS might die but the developers will continue the work apace. And lets face it, CentOS doesn't have the strongest brand in the world. The people who are leveraging it are leveraging it because its compatible with RHEL...it really doesn't matter what its called.
And since you brought it up...I am very much a champion of disclosure. Are you not satisified with the final summary of information Paul put out over events?
Are you not satisfied with the follow-up effort to create and publicly publish an incident procedure that will be followed in the future?
If the only thing that leaves you unsatisfied is the explanation as to the delayed public disclosure due to an ongoing investigation I'm not going to be able convince you otherwise. You either accept that explanation or you do not. The new incident response procedure should help prevent unnecessary delays if this ever happens again.
Posted Jul 31, 2009 2:16 UTC (Fri) by sbergman27 (guest, #10767)
Seven months delayed public disclosure. Sure, they had excuses in hand, carefully worded by Red Hat's PR department and approved by Red Hat Legal. But other distros, Debian for example, don't seem to have that "can't do" attitude exhibited by Fedora under similar circumstances, and don't seem to need the carefully worded excuses. And no, there is really no way to know if what was (finally) disclosed was the full truth. Any presumed confidence one might have had of that was lost sometime between August and March.
...I'm not going to be able convince you otherwise.
As long as there are such clear examples of other distros executing responsible and timely disclosure, in contrast to Fedora's behavior, I'm quite sure you won't. I guess we'll just have to see what happens next time Fedora's infrastructure gets hacked.
Posted Jul 31, 2009 9:07 UTC (Fri) by marcH (subscriber, #57642)
You cannot make the headlines without any keyword like "die", "sex", "war",...
Posted Aug 1, 2009 9:58 UTC (Sat) by nix (subscriber, #2304)
UFO War on Fairer Sex --- Developers Driven Screaming into Sea
Posted Aug 1, 2009 14:51 UTC (Sat) by sbergman27 (guest, #10767)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds