non-disclosure of infrastructure problem a management issue?

[Les Mikesell]

max wrote:
> 
> You call it paranoia, I call it common sense. Do the math, I did. I felt 
> that if it was anything but a security issue then they'd have come right 
> out and said so. The only reason not to come out and say so boiled down 
> to a handful of things.

But doesn't a security issue usually imply that everyone else running 
the same software is vulnerable to the same intrusion?  That is, the 
last thing you want to do is keep running with no updates.

> The only thing that's been made clear is that the Fedora 
> Project has a number of users who take it for granted.

Do we know yet how the initial access to the machine was obtained?  Ssh 
password-guessing or a more fundamental software problem that may still 
be a danger for others?

-- 
   Les Mikesell
    lesmikesell at gmail.com