Majority of Ubuntu community servers compromised, servers were using clear-text FTP ...

Clint Savage clint at utos.org
Fri Aug 17 18:36:19 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bryan J. Smith wrote:
> Greg Dekoenigsberg <gdk at redhat.com> wrote:
>> Now, in Fedora, we're very lucky; the Fedora Infrastructure team,
>> which is fairly well divided between Community and Company
>> resources, is absolutely top-notch.
>
> As a self-admitted "Red Hat apologist," there is no end to the
> demonizations I hear of Red Hat's "overriding decision making" on
> Fedora.  Rumors fly about and when I hear them, I repeatedly find
> myself saying, "oh, that makes sense because of ..." of which I
> "just become the target," etc...  ;)
>
>> But the recent misfortunes of Ubuntu (and the less publicized
>> misfortunes of Gentoo) are a stark reminder that we must not
>> become complacent.  There, but for the grace of God and a
>> vigilant FI team, go us.
>
> There is no guarantee there will not be compromise of Fedora, let
> alone even Red Hat, resources on the Internet.  That's just fact.
> In fact, the worst thing is to be compromised and not know about it
> (let alone under attack and not mitigate it before it reaches the
> state of compromise).
>
> But one thing I don't think I'll see is that it is the result of an
>  overlooked process, poorly considered implementation or some lack
> of "due process" or, more directly yet, "due enforcement" in the
> Fedora model.  Nay-sayers be damned, while it's not perfect, I
> consider it to "be the standard."
>
> In fact, just yesterday I had to explain to someone how the core
> approach and balance of community-company in Fedora is no different
>  that what I saw in Red Hat Linux prior -- from the submission,
> test, release, etc..., including the build and security approaches.
> Fedora has just become a more formal, more open, more transparent
> enabler to the community, which is what I had always hoped it would
> become.
>
> With all that said, the few bits I've been getting on the Conical
> side shows they have actually been trying to address this for some
> time.  And as I said before, Conical will run into more and more of
>  these community-company considerations in the future.  In fact,
> just last week I heard my first, "Conical is becoming like Red
> Hat."  I neither consider that an insult of or a problem with
> consideration for the Ubuntu community or development.  ;)
>
>
It's Canonical.  Not Conical

Cheers,

Clint

- --
Clint Savage
Fedora Ambassador

Utah Open Source Conference
September 6-8, 2007
http://www.utosc.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFGxeqjfSfYomKiJY4RAr4GAKCL3QPf4ucTrLr2a5jfujDPmO3pSwCfS+h/
XSXdrtF+NzRnjawx8ilY8Ec=
=qnx2
-----END PGP SIGNATURE-----

More information about the Fedora-marketing-list mailing list