Majority of Ubuntu community servers compromised, servers were using clear-text FTP ...
Bryan J. Smith
b.j.smith at ieee.org
Fri Aug 17 18:05:08 UTC 2007
Greg Dekoenigsberg <gdk at redhat.com> wrote:
> Now, in Fedora, we're very lucky; the Fedora Infrastructure
> team, which is fairly well divided between Community and
> Company resources, is absolutely top-notch.
As a self-admitted "Red Hat apologist," there is no end to the
demonizations I hear of Red Hat's "overriding decision making" on
Fedora. Rumors fly about and when I hear them, I repeatedly find
myself saying, "oh, that makes sense because of ..." of which I "just
become the target," etc... ;)
> But the recent misfortunes of Ubuntu (and the less publicized
> misfortunes of Gentoo) are a stark reminder that we must not
> become complacent. There, but for the grace of God and a
> vigilant FI team, go us.
There is no guarantee there will not be compromise of Fedora, let
alone even Red Hat, resources on the Internet. That's just fact. In
fact, the worst thing is to be compromised and not know about it (let
alone under attack and not mitigate it before it reaches the state of
compromise).
But one thing I don't think I'll see is that it is the result of an
overlooked process, poorly considered implementation or some lack of
"due process" or, more directly yet, "due enforcement" in the Fedora
model. Nay-sayers be damned, while it's not perfect, I consider it
to "be the standard."
In fact, just yesterday I had to explain to someone how the core
approach and balance of community-company in Fedora is no different
that what I saw in Red Hat Linux prior -- from the submission, test,
release, etc..., including the build and security approaches. Fedora
has just become a more formal, more open, more transparent enabler to
the community, which is what I had always hoped it would become.
With all that said, the few bits I've been getting on the Conical
side shows they have actually been trying to address this for some
time. And as I said before, Conical will run into more and more of
these community-company considerations in the future. In fact, just
last week I heard my first, "Conical is becoming like Red Hat." I
neither consider that an insult of or a problem with consideration
for the Ubuntu community or development. ;)
--
Bryan J. Smith Professional, Technical Annoyance
b.j.smith at ieee.org http://thebs413.blogspot.com
--------------------------------------------------
Fission Power: An Inconvenient Solution
More information about the Fedora-marketing-list
mailing list