On Mon, 25 Aug 2008 18:42:03 +0930, Tim wrote: > On Mon, 2008-08-25 at 03:11 -0700, Craig White wrote: > > I fully expect that the reason that they took the system off-line 10 > > days ago was a clear indication of their doubt of the sanctity of the > > packages and they didn't put it back online until they felt that they > > felt that they knew the extent of the compromise. > > We're were all guessing about that sort of thing, because we had to. > But a wonky system would be just as likely explanation for why a server > was offline, even for a prolonged period. Yes, I know there's other > risks, etc., but that warning was just bad. > > Put the shoe on the other foot. The infrastructure could have had a > plain old fault and gone off-line, and we could have been speculating > all over the place about security breaches, hacks, and been completely > wrong. In one of the announcements (or a reply to it) a detailed time line of the incident was promised. Let's wait for the details! Fact is, however, they discovered something -- they called it "issues" unfortunately -- and decided it to be severe enough to take offline several servers. Most interesting will be to learn what exactly they discovered and in which order (at Fedora *and* Red Hat, either at once or independent from eachother, but in the same week). What evidence lead to the decision to switch off essential servers, but refer to it as just "issues"? -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list