security blankets (was non-disclosure of infrastructure problem a management issue?)
 

then I have to assume you
don't trust the Fedora Project.


I did trust the Fedora project. Now I'm not so sure anymore.


Then who are you going to trust?

Uhm, no, I guess that's not the right question, it only reminds us
that we want to stay with F/OSS.


Let me suggest to anyone who is still hot under the collar about the
current situation, two things:


One, if you want to understand the appropriate level of paranoia, go
spend a day working backwards through the openbsd archives. Try


http://marc.info/?l=openbsd-misc

That will be plenty interesting.

Two, if you've been paying attention to the news from more than a
month ago, you should at least know there are active DNS exploits in
the wild.


ACTIVE

DNS EXPLOITS

IN THE WILD

They haven't been shouting because it shouldn't be necessary. Under
the circumstances, we should be significantly more paranoid and more
cautious than we usually should be.


The original announcement should have been enough, even if it wasn't
perfect.


Joel Rees

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list