|
|
Log in / Subscribe / Register

Letters to the editor

Would you like an Education miniconference at LCA2003?

From:  Leon Brooks <leon@cyberknights.com.au>
To:  lwn@lwn.net
Subject:  Would you like an Education miniconference at LCA2003?
Date:  Wed, 10 Jul 2002 13:26:35 +0800

The LCA2003 people (http://linux.conf.au/) are currently assembling a
flock of miniconferences to be bolted on to the front of the main
Australian conference, the idea being that conference attendees can
roll up early and get something extra for free. The first cab off the
rank is Debian (http://lca.apt-cacher.org/), to enable the release of
Woody (http://lwn.net/Articles/4232/). I've been offered the task of
investigating and assembling a Linux in Education miniconf.
 
I plan to present at the Educational Computing Association of WA's
2002 conf (http://www.ecawa.asn.au/conferences/conf2002/conf2002.htm)
about LTSP and Mosix, which I can easily adapt to an LCA miniconf
presentation, but one solitary talk is going to be kind of
unfulfilling; I'm hoping that more people are going to be interested
in either or both of learning and teaching about Linux in Education.
I'm particularly interested in social and implementation reports from
the trenches.
 
If you'd attend an Education miniconf held in sunny Perth during what
is teeth-chattering winter in the USA and Europe, please say so by
sending email here: attend-lca@cyberknights.com.au - if you have
something you'd like to say in 45 minutes at the conference, please
send mail to present-lca@cyberknights.com.au as well. If I see
sufficient interest, you will be contacted and a web-page and
announcement will presently appear.
 
Regardless of your education interests, LCA2003 is going to be great,
so visit their website and think about booking. It's midwinter here,
and we've finally started getting cold days (16C/60F), but at the end
of January you can expect at least 30C/85F, a good fact-absorbing
temperature. It's important to book now, rather than when the first
snow falls, as the LCA committee have nailed down all the available
resources, and sooner or later will run out of seats.
 
Cheers; Leon

Comments (none posted)

I still don't understand this SSH release fiasco

From:  <felix@crowfix.com>
To:  letters@lwn.net
Subject:  I still don't understand this SSH release fiasco
Date:  Thu, 4 Jul 2002 08:56:53 -0700

The rationale for not releasing details (like disable a specific
configuration item) is that this would have alerted the black hats to
500 lines of code in question. Thus it was better to update to the
new version which had separation of powers and at least minimized the
exploit dangers.
 
Then later, a patched version of the new version was released, and all
distros had very little time in which to cut new packages, sysadmins
had very little time to upgrade systems, and so on, before the black
hats analyzed the patch to see what the bug was in order to design
their exploits in order to release them to script kiddies and so on.
 
But the release of a specific patch narrows the bug search down much
closer than 500 lines; in fact, it narrows it down to the exact buggy
lines, directly, immediately. no analysis required.
 
Please also explain how upgrading SSH, new version, new functionality,
maybe new configuration, is a better solution than "Edit this line to
fix the problem".
 
It still smells fishy. Someone got their knickers in a knot and is
too proud to admit it.
 
--
            ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
     Felix Finch: scarecrow repairman & rocket surgeon / felix@crowfix.com
  GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o

Comments (none posted)

Page editor: Jonathan Corbet


Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds