Re: non-disclosure of infrastructure problem a management issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 25 Aug 2008 18:42:03 +0930, Tim wrote:

> On Mon, 2008-08-25 at 03:11 -0700, Craig White wrote:
> > I fully expect that the reason that they took the system off-line 10
> > days ago was a clear indication of their doubt of the sanctity of the
> > packages and they didn't put it back online until they felt that they
> > felt that they knew the extent of the compromise.
> 
> We're were all guessing about that sort of thing, because we had to.
> But a wonky system would be just as likely explanation for why a server
> was offline, even for a prolonged period.  Yes, I know there's other
> risks, etc., but that warning was just bad.
> 
> Put the shoe on the other foot.  The infrastructure could have had a
> plain old fault and gone off-line, and we could have been speculating
> all over the place about security breaches, hacks, and been completely
> wrong.

In one of the announcements (or a reply to it) a detailed time line of the
incident was promised. Let's wait for the details! Fact is, however, they
discovered something -- they called it "issues" unfortunately -- and
decided it to be severe enough to take offline several servers. Most
interesting will be to learn what exactly they discovered and in which
order (at Fedora *and* Red Hat, either at once or independent from
eachother, but in the same week). What evidence lead to the decision to
switch off essential servers, but refer to it as just "issues"?

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux