Re: should debian comment about the recent 'ransomware' malware.
Replying in-line :-
On 16/05/2017, Henrique de Moraes Holschuh <hmh@debian.org> wrote:
<snipped>
>
> Actually, we might want to issue an statement to _Debian_ users
> reminding them the value and necessity of keeping their Debian systems
> up-to-date. Maybe point to our automated solutions that remind and/or
> apply security updates automatically.
>
> Our users should also be reminded of the risk of allowing very old
> Debian releases that are no longer supported to connect to a network...
>
> It is probably worth it to also remind users that they must also keep
> track of firmware updates on Intel and AMD systems for platform-level
> fixes (Intel ME, Ryzen and Kabilake microcode, usual BIOS/UEFI platform
> bugs that cause severe issues with the Linux kernel). Debian cannot do
> this for them.
>
Dear all,
I have to admit my initial take was foolish. I do agree however, with
Henrique's idea/suggestion of giving general as well as specific
advices.
For e.g. perhaps, it might be a good idea to have some security advice
for one and all. I did look up if there was a wiki page but didn't
find any. The closest page I could find is
https://wiki.debian.org/DebianSecurity
If there is a page about Debian security practises for users, please
share, if not, perhaps somebody has some ideas for naming and what all
should be in it.
uh..oh titanpad is shutting down,
http://blog.titanpad.com/2016/11/shutting-down-titanpad_12.html
any other pad which people are comfortable with, let's start and have
something which is useful to us as well as our users.
> --
> Henrique Holschuh
>
--
Regards,
Shirish Agarwal शिरीष अग्रवाल
My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8
Reply to: