Infrastructure status, 2008-08-16 UTC 1530
floriansievert at phobeus.de
Mon Aug 18 09:27:22 UTC 2008
> The least fedora could have done is give some suggestions to users on how to
> take precautions if this is really a security issue which seems quite
> obvious now since it's been days and everyone is in the dark
I completly agree. The way of communicating this issue is pretty bad. In
fact, nobody really seems to know if it was just a spontanous maintaince
work with a strange announce or an possible security breach itself.
After some days there is no clue about what actually might be the
problem. Of course, nobody might expect that the issue is resolved,
however, there should be CLEAR announcements that informs the user about
the best way to handle the issue. Else, I need to calculate with the
worst case and that is a security breach with compromissed signed keys.
No information about the time the problem occurs, so you have to see all
fedora system as possible compromised. That's not funny to be left in
that situation with an "please don't install updates" and "the wiki will
be back soon".
Make clear announcements and tell what you think what might be happened.
This will greatly help to avoid spreading rumors and many users might
sleep much better at night.
More information about the fedora-list