Re: non-disclosure of infrastructure problem a management issue?

2008/8/24 Björn Persson <bjorn@xxxxxxxxxxxxxxxxxxxx>:
max wrote:
If you and others want to insist that it was
just not wanting to own up to the incident

It doesn't seem likely that that was the reason. If they didn't want to admit
that there had been an intrusion, then I don't think they would have sent out
any warning at all. They did try to get a warning out, but they didn't want
to say that it was about security. I don't know if they thought that
everybody would be able to read between the lines, or if they thought that
people wouldn't understand but would stop updating without knowing why, but
either way I don't understand why they didn't tell us clearly what it was
they were trying to warn us about.

then I have to assume you
don't trust the Fedora Project.

I did trust the Fedora project. Now I'm not so sure anymore.

The only thing that's been made clear is that the Fedora
Project has a number of users who take it for granted.

Take what for granted? The Fedora project's existence? Its security? Its
openness? Yes, maybe I did take its openness for granted. There's been a lot
of talk about openness and having the community involved on equal terms. I
guess I believed it.

Can you answer the opposite question: Why the cryptic message? Can you
think of a rational reason to avoid the word "security"? Something more
concrete than just "legal issues"?

Once again we don't know the constraints imposed on them. Some are
certainly caused by legal issues and what remains an on going
investigation. Your opinion of US law is irrelevant, I've had my issues
with it before as well but the law is the law. The point is that we
don't have all the facts.

In other words, no, you can't think of a plausible reason either.


and I have the sense not to speculate without the full facts. Why is
giving Fedora the benefit of the doubt so hard?

The more important point is that you have used
half the facts to indict Paul Frields.

I have not accused Paul Frields of a crime. I pointed out that the extreme

you called him a liar. Laws can be silly and violating a silly law ,
if it is in fact silly, is still a crime officially.
Calling someone a liar isn't a crime but its worse than withholding
information, especially when you don't know what he is or isn't at
liberty to discuss. This also involves Red Hat and not the Fedora
Project alone.

vagueness of his announcements, which he claimed had the purpose of avoiding
the impression that he wasn't truthful, actually had the opposite effect on
me. That's a failure to some degree if his intentions were honest. It's not a
crime. I have also left the possibility open that someone else may have given
him orders.

You called him a liar

I didn't use anywhere near half the facts. I used two facts: That the issue
was a security issue, and that this was not clearly stated in the first
announcement.

Your right I gave you too much credit when I said half the facts.

you have rushed to judgement before a
reasonable amount of time has been given to carry out the investigation.

This is not about how long the investigation takes. It's about the lack of the
word "security" in the first announcement. I fully understand that the
investigation takes time. It did not, however, take this long to find out
that the issue was a security issue. If you think I'm complaining that the
investigation takes too long, then you haven't read what I've written.

The only issue I have with anything you've said is your assertion that
Paul Frields intentionally deceived us. You made this statement
without being fully acquainted with the facts, we still do not have
them all. If you think I have no issues with how this was handled then
how about I accuse you of being obtuse. i have no interest in debating
it further, say what you will, you made an error in judgment.


--
Sometimes I wonder if God has a sense of humor.....then I see the
coverage of the 2008 campaign and I know for sure God has a great
sense of humor!!

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: non-disclosure of infrastructure problem a management issue?
    ... It doesn't seem likely that that was the reason. ... to say that it was about security. ... I did trust the Fedora project. ... half the facts to indict Paul Frields. ...
    (Fedora)
  • RE: SQL Slammer doing the rounds again?
    ... "I used to hate writing assignments, ... this - Is there a valid business reason to expose UDP ... > Security Business Unit ... > at the largest, most highly-anticipated industry ...
    (Incidents)
  • Re: Optimised antenna
    ... which provides for their rejection or ejection. ... Nobody has given ... me good reason why it cannot be so ... Every day false hoods are given without corroberating facts. ...
    (rec.radio.amateur.antenna)
  • Re: [SLE] setting multiple user id to 0 (zero) is bad ! Why?
    ... On 6/30/05, Chadley Wilson wrote: ... > again!!), uucp. ... > This reason however has been flawed as we have other sites that work properly ... that it was due to sloppy and lazy security practices. ...
    (SuSE)
  • Re: Relevant for anti-relativists
    ... "Some debates are so entwined with people's...identity that one might ... proves they are impervious to reason. ... When scientific facts ... Real scientists don't think like that. ...
    (sci.physics.relativity)