Re: Bad press related to (missing) Debian security - action
hi ya micah
- thanx for trying ... lets see what happens
On Wed, 29 Jun 2005, Micah Anderson wrote:
> Alvin Oga schrieb am Wednesday, den 29. June 2005:
>
> > On Wed, 29 Jun 2005, Micah Anderson wrote:
...
> > > Did you read the email that I referenced? It doesn't sound like you
> > > did.
> >
> > this is precisely why volunteers disappear
>
> I'm sorry I dont understand.
i read more into your comment about having read the prev urls or not
which, like i said, i did read
> http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
> http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
> http://secure-testing.alioth.debian.org/
> http://lists.debian.org/debian-security/2004/10/msg00166.html
i'll look thru hose later
> I note that there is no message from you found on the
> secure-testing-team mailing list.
i posted/replied in the debian-secuirty list when joey and crew
was previously looking for volunteers
> I am unable to find your alioth account, did you sign up for one?
dont have one
> Did you email the secure-testing
> alioth project administrator to be added to the project?
dont knwo the folks of who does what ..etc
> Did you check out the svn repository?
nope ...
> > of course i read it ... the first yime you posted and the 2nd time when
> > you sent the same url again .. multiple times for "how to volunteer"
>
> Please, where in the details about how to volunteer did you get stuck
> so we can improve them?
in my case... i suppose i'm the idiot ... since i want to do things
differently ...
- i'm interested in releasing xxx-latest.deb packages
for "testing"
- latest kernel, latest apache, latest php, latest xxx
and in my case, and for our customers, being a month
or two out of date could be a very bad thing which is
why we're intrested in newer security methodology
and we already do our magic inhouse for the latest xxx
apps
- i'm assuming that the authors and package maintainers
are already doing their patches based on announced vulnerabilities
and exploits, and i'm wanting to avoid re-inventing that wheel
- thanx again for taking the time to reply..
and i'll spend some time on the new urls
> The benefits of volunteering are also detailed in that email. What
> sort of proactive direction are you expecting?
at a minimum ..
- latest kernels in *.deb form from kernel.org
- latest apache from apache.org
... endless list ..
> I think you have it
> backwards, the proactivity needs to come from you.
i'd like a place ( a server ) where all these packages can be kept
maybe we'd just need to start, similar to what nerim.net does with
mplayer*.deb
unfortunately, the suits wants patches all from debian.org
or inhouse, where, guess who ( me ) takes the ball and responsiblity
for inhouse packages vs importing from tom-dic-n-harrry and
sally-mary-janes site
> You are right that
> the group is still in its infancy in terms of being organized,
its okay... good to grow
> but how
> do you expect it to become organized?
replying to those wanting to volunteer is a good start... as yu have
been doing .. thanx for that
> The only way it will become
> organized in a volunteer organization is if the volunteers (read: this
> can be you), proactively organize it.
sometimes, us volunteers do NOT have the luxury to change the
way things are done ... or even given 1 month to implement the next
big idea and see if it works or not ...
old ways are good ... its proven .. it works
if the old ways does NOT address new problems ... than somebody else
might solve those problems... and/or change distros
> If you wish to wait until
> everyone else has done the work to organize the group, and then you
> want to come in and do something you may find that the group is
> organized a way that you do not like and you will regret that you did
> not help organize it the way you like.
:-) .. thusly, i'm still here ... looking and watching
-- are you local ... ( silicon valley area ).. probably easier to talk
face-to-face vs thru phophorous emissions
- and/or with any other "security team volunteer"
c ya
alvin
Reply to: