
Re: communication structures crumbled




On Wed, 26 Nov 2003, Tom wrote:

> On Wed, Nov 26, 2003 at 06:16:39AM +0800, Dan Jacobson wrote:
> > To us debian users, the most notable thing during this break in or
> > whatever episode, is how the communication structures crumbled.

True enough, there was some info but it was scattered. I personally
checked slashdot after someone on debian-user said 'the sky is falling'.
I wouldn't have noticed otherwise. I didn't read slashdot that day! And
it wasn't in <H1> on debian.org.

> >
> > debian-announce had one message on the 21st, five days ago, saying for
> > more information, see www.debian.org.
> >
> > Nothing special there, so I checked http://www.debian.org/security/,
> > same problem.
> >
> > With the mailing lists affected, what would average user me do to
> > learn the latest on the situation, google around? Googling around
> > just led me to some stale discussion on the mailing lists before they
> > got turned off.
> >
> > At least some latest news could have been posted to the main website.
>
> I bet there's been plenty of discussion amongst the devs themselves on
> IRC and various back-channels.
>
Certainly, I think that was a big deal in the gnu world. But for a 10
year old gnu project that is totally free and contains 100's of
developers and thousands of projects that is competing with
the likes of Billionaire Bill, Scott 'god' Nealy and others, it fared
pretty well. (A new IE bug announced today! -- number #1000012)

> This whole experience has pointed out just what amateur status the
> Debian project is at.
>
> Of course, the devs would say: "So what?" and they'd be right.
>
>
If you mean 'amateur' because no one is on a payroll, I agree. But the
password crack could happen to any os/corp./users. People are of course
the weakest link in the chain (vs automated build processes, hardware
failure or other things). But since the deb's were fine and the other
systems were mostly up in a few days (cvs'd or backed up), it seems
pretty great to me. Someone said that because debian lives on more than
one cpu, it slowed the script kiddies down. Cool! (take that MS, RH, etc)
As soon as they integrate the MD5 checks into apt it will be a
bit more secure.

While I agree that the main thing that was buggy was the lack of easily
accessible info, the various debian 'systems' (build,
packaging, developers) worked quite well. Security through openness is
better than the closed source way or, worse, the
DMCA-your-ass-in-jail way!
-Kev


