Signing for fedora-announce with fedora-list (was Infrastructure status, 2008-08-16 UTC 1530)

[max]

Michael Schwendt wrote:
> On Thu, 21 Aug 2008 15:10:08 +0000, g wrote:
> 
>> marcelo, michael, rodger,
>>
>> after reading in a previous post that 'infrastructure' hit news announcements
>> on, of all places, zdnet,
> 
> Those vague announcements deserved such publicity. I would have been
> surprised if the press had not covered those "issues".
> 
Yes I would have to agree, its actually in the best interests of 
everyone that they do get covered. I don't like being kept in the dark 
anymore than the rest but I don't think its unreasonable to do what can 
be done i.e. use the tools available to make a determination if your 
compromised or not and then wait and see what the Infrastructure Team 
has to say when all is said and done.  At this point it seems they will 
have no choice but to release some statement or another, whether or not 
it satisfies people is going to be another matter entirely. The last 
thing I want is for them to be rushed to a wrong conclusion because 
everyone is impatient for any answer, I'd prefer the right(by which I 
mean honest and truthful) answer that has been arrived at after all 
investigations have been carried to conclusion. Speculation will get us 
nowhere. What works on that other OS would have a hard time succeeding 
on a properly administered Linux box but that just means using 
unconventional methods to do it instead. A task that would be both more 
difficult and more rewarding for the attacker not to mention harder to 
detect and of course harder to investigate for the victim.