Re: Debian Server Compromise -- A Fire Drill ??
Dave writes:
> He or she had intimate knowledge of the various Debian servers.
I see no evidence that the cracker had anything other than public
information.
> And no damage was done.
You don't consider the downtime and wasted labor damage?
> Do you think he could have had the same impact by merely announcing that
> he *could* break into a system if he wanted?
Privately delivering the exploit to the appropriate people would have
gotten the bug fixed at least as quickly.
--
John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI
Reply to: