non-disclosure of infrastructure problem a management issue?

Les Mikesell lesmikesell at gmail.com
Sun Aug 24 18:53:27 UTC 2008


Thomas Cameron wrote:
 >
> Oh, and until the full extent of the breach is determined, it 
> is foolish and irresponsible to announce anything about that breach.

Well, except for the fact that everyone else running the same software 
is still exposed to the same threat - if it was a software vulnerability 
that permitted the intrusion in the first place.

> 
> But here you come from the outside and publicly call the head of the 
> project a liar when you *clearly* do not have all the information.

Calling someone a liar is a bit extreme, but everyone running similar 
software with similar exposure has good reason for concern until they do 
have this information.

-- 
   Les Mikesell
    lesmikesell at gmail.com




More information about the fedora-list mailing list