On Fri, Jan 09, 2004 at 10:51:55PM -0500, Tim Cunningham wrote:
> On Sat, 10 Jan 2004 03:22:15 +0000
> Nick Boyce <[EMAIL PROTECTED]> wrote:
>> Which is the announcement about the November compromise.
>> That makes it sound like it _is_ a security issue ..
>
> I think he meant that it wasn't important to maintaining the security of
> Debian.

Maybe, but when I read this:

On Wed, Jan 07, 2004 at 06:54:32PM -0800, Matt Zimmerman wrote:
> On Wed, Jan 07, 2004 at 10:35:30PM +0100, Jan Lühr wrote:
>
>> Noticing the increasing amount of secure-adv I'd like to ask whether the
>> build-daemons are back or whether another issue is increasing the amount of
>> advs rapidly.
>
> Everything is working again.

I have to think I'm either missing the meaning of "everything" or "working", esp. when I look on packages.debian.org, which I would intuitively refer to as the Debian archive. Does this mean everything is correctly under construction? -- and I needn't worry about anything I cannot make sense of? (Things will only get better now..)

I certainly feel I'm being wedged into the same corner as when I got security urgency=high updates before security.debian.org was taken offline and an announcement that debian.org was compromised. (Compulsion to audit _everything_.) But I did later learn that all that coincided with r2 (the new packages weren't urgent and all the urgent packages were old updates), and therefore I was current and safe through it, even though I didn't get an r2 announcement, or timely supplementary info. Maybe my nerves would have been calmer if I was following IRC, where I guess the news was?

Hey, what happened, happened. My point is that even if there was no more information or more timely distribution of technical facts, more verbosity as to threat assessment, hypothesis and conclusion would have made a world of difference for the humans depending on the Debian integrity; via third party website or otherwise.

If that can be accepted, then my second observation is the complete lack of post mortem commentary on the forensics used. What percentage of Debian users know how to mount -oloop a dd image? What _is_ the next step? In the spirit of GNU/Debian I would hope the technical leads would have some volition to mentor less skilled admins on the techniques used to unwind the mess.

I haven't _looked_ for post mortem notes but I'm surprised not to have so much as heard that they are around.

// George

-- 
GEORGE GEORGALIS, System Admin/Architect    cell: 646-331-2027    <IXOYE><
Security Services, Web, Mail,               mailto:[EMAIL PROTECTED]
Multimedia, DB, DNS and Metrics.            http://www.galis.org/george