LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A critical security bug in tarsnap

A critical security bug in tarsnap

Posted Jan 19, 2011 16:59 UTC (Wed) by ledow (guest, #11753)
Parent article: A critical security bug in tarsnap

Someone please give this guy a "How to handle a security event" award. God, that's a wonderful page to read.

Basically:
"Don't trust me"
"This is exactly what happened"
"I'm an idiot"
"Refund for anyone who wants one"
"This is how I'll stop this happening again.
etc.

Brilliantly written, and brutally honest. It made me look up this piece of software (which I'd never heard of) just to see if it was something I could give him money for.

(Log in to post comments)

A critical security bug in tarsnap

Posted Jan 19, 2011 17:14 UTC (Wed) by patrick_g (subscriber, #44470) [Link]

Colin Percival was the "FreeBSD Security Officer" so he know how to deal with this sort of things.
That being said I agree that his page about the bug is brilliant.

A critical security bug in tarsnap

Posted Jan 27, 2011 9:49 UTC (Thu) by trasz (guest, #45786) [Link]

Colin Percival _is_ the FreeBSD Security Officer.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds