[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Server Compromise -- A Fire Drill ??

Dave writes:
> He or she had intimate knowledge of the various Debian servers.

I see no evidence that the cracker had anything other than public

> And no damage was done.

You don't consider the downtime and wasted labor damage?

> Do you think he could have had the same impact by merely announcing that
> he *could* break into a system if he wanted?

Privately delivering the exploit to the appropriate people would have
gotten the bug fixed at least as quickly.
John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI

Reply to: