Re: Debian Investigation Report after Server Compromises

To: debian-user@lists.debian.org
Subject: Re: Debian Investigation Report after Server Compromises
From: Paul Johnson <baloo@ursine.ca>
Date: Tue, 2 Dec 2003 23:01:43 -0800
Message-id: <[🔎] 20031203070143.GJ25739@ursine.ca>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] pan.2003.12.02.21.11.27.327388@earthlink.net>
References: <[🔎] 1070381336.21297.11.camel@king.gregfolkert.net> <[🔎] 1070386267.21296.16.camel@king.gregfolkert.net> <[🔎] 1070392359.18618.2.camel@Thief> <[🔎] pan.2003.12.02.21.11.27.327388@earthlink.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Dec 02, 2003 at 04:11:33PM -0500, Paul Morgan wrote:
> Ther is always a conflict between security and openness.  MS's approach
> has always been not to say anything until a fix has been propagated;  they
> are often criticized for that, but I'm sure they'd be deluged in lawsuits
> from compromised system owners if they advertised the exploit to bad guys
> before they had a fix.

Microsoft could easily sidestep those by pointing to their EULA: You
agree not to sue them due to faults in their software.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    
`. `'`     proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/zYpXUzgNqloQMwcRAvnNAJ0V6Ehrk6oydphWjyCnZZygciUawwCgx3W9
urJRNsxKgdRdxqNyR3wG9Wk=
=FWZX
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Debian Investigation Report after Server Compromises
  - From: Paul Morgan <paulswm@earthlink.net>
- Re: Debian Investigation Report after Server Compromises
  - From: Vineet Kumar <vineet@doorstop.net>

References:
- Debian Investigation Report after Server Compromises
  - From: Greg Folkert <greg@gregfolkert.net>
- Re: Debian Investigation Report after Server Compromises
  - From: Greg Folkert <greg@gregfolkert.net>
- Re: Debian Investigation Report after Server Compromises
  - From: Alex Malinovich <demonbane@the-love-shack.net>
- Re: Debian Investigation Report after Server Compromises
  - From: Paul Morgan <paulswm@earthlink.net>

Prev by Date: Re: Debian Investigation Report after Server Compromises
Next by Date: Re: APT::Default-Release doesn't seem to affect upgrades
Previous by thread: Re: Debian Investigation Report after Server Compromises
Next by thread: Re: Debian Investigation Report after Server Compromises
Index(es):
- Date
- Thread