On 4/2/19 12:26 AM, Rick Moen wrote:
> Quoting KatolaZ (kato...@freaknet.org):
>
>> Dear D1rs,
>>
>> we have analysed in depth the attack from the "Green Hat Hackers" that
>> compromised the Devuan infrastructure in the last hours, and we
>> concluded that you all are:
>>
>>* APRIL FOOLS *
Mike Bird wrote on 2/4/19 5:02 pm:
> The surviving Devuan core team members will take zero or
> more steps to prove Devuan trustworthy and sysadmins will
> each decide for themselves or with their lawyers whether
> they can continue to use Devuan.
This ancient religion that I just made up relies o
On Mon April 1 2019 22:49:31 Steve Litt wrote:
> Mike, please speak for yourself. I get it: This incident caused you to
> take evasive action, and now you have serious doubts about using Devuan
> further. That's fine: There are other sans-systemd distros and BSDS
> that might be more or less secure
On Mon, 1 Apr 2019 13:52:34 -0700
Mike Bird wrote:
> On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> > 1) please give any requests for removing one of the core members
> > from the project or using legal enforcement a rest. KatolaZ
> > apologized already several times. So please let it g
On 01/04/2019, info at smallinnovations dot nl wrote:
> On 01-04-19 09:03, KatolaZ wrote:
>> Dear D1rs,
>>
>> we have analysed in depth the attack from the "Green Hat Hackers" that
>> compromised the Devuan infrastructure in the last hours, and we
>> concluded that you all are:
>>
>>* APRI
On 4/1/19 09:03, KatolaZ wrote:
we have analysed in depth the attack from the "Green Hat Hackers" that
compromised the Devuan infrastructure in the last hours, and we
concluded that you all are:
* APRIL FOOLS *
:P
Hope you enjoyed the new Devuan gopherholes, as they are most probab
I'd definitively preferred:
Devuan embraces Systemd!
After thorough discussions in our technical committee Devuan decided to
ship systemd with its next release "Beowulf" as the standard init.
Systemd is a complete pot of terware that will enhance Devuan to an
industry approved, enterprise grade b
Hello!
Can please someone review and add git.devuan.org/kaction/apt-cacher-ng to CI?
--
Note, that I send and fetch email in batch, once every 24 hours.
If matter is urgent, try https://t.me/kaction
I like Devuan. I am proud to financially contribute to a project so
desperately needed in our time. But I would like to join others in
registering that this "joke" was in poor taste.
I don't know if it was one individual with Devuan who found it so
hilarious and single-handedly "defaced" the web s
On 2019-04-01 15:18, Daniel Abrecht via Dng wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I assume the other staff members knew about it, was it discussed > at
the last meeting?
I was not aware of any discussion about this action. If I had been, I
would have done my best to stop
On 4/1/19 5:14 PM, Rick Moen wrote:
Quoting Mike Bird (mgb-dev...@yosemite.net):
[...]
KatolaZ has admitted guilt. Evilham has suggested an offline
"discussion" in a few days - a positive but inadequate response.
None of the other core team members have commented on this fiasco.
I look forward
Quoting Mike Bird (mgb-dev...@yosemite.net):
[...]
> KatolaZ has admitted guilt. Evilham has suggested an offline
> "discussion" in a few days - a positive but inadequate response.
> None of the other core team members have commented on this fiasco.
> I look forward to hearing that they have take
Quoting etech3 (ete...@e-tech-systems.com):
> My advice to you is like the Marines motto: Lead, follow or get the
> hell out of the way.
That might be the motto of _some_ group of marines, but FWIW actual
service mottos are:
o Royal Marines (UK): Per mare, per terram.[1]
o U.S. Marine Corps
It really is more than just "Bad Idea" poisson d'avril artwork.
Now that is funny. (-:
Clarke
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
On Mon April 1 2019 15:22:02 Martin Steigerwald wrote:
> And give the other core members a moment to give you the reassurance you
> need.
They haven't issued a statement since this began 30 hours ago.
Maybe they haven't finished their forensic analysis but they should
at least say whether they're
Mike Bird - 02.04.19, 00:03:
> On Mon April 1 2019 14:39:28 Martin Steigerwald wrote:
> > In what way is that not good enough for you? What would be required
> > for you to forgive a mistake and go on with your life?
[…]
> What part of Evilham's statement that "it still looks as if gdo and
> the bu
On Mon April 1 2019 14:39:28 Martin Steigerwald wrote:
> In what way is that not good enough for you? What would be required for
> you to forgive a mistake and go on with your life?
Hi Martin,
What part of Evilham's statement that "it still looks as if gdo and
the build system were compromised" [
Mike Bird writes:
On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
For me that is good enough.
When core team member Evilham writes "it still looks as
if gdo and the build system were compromised" [1] I need a
lot more than a limited admission of guilt from KatolaZ
before trusting tha
On Mon April 1 2019 14:41:43 KatolaZ wrote:
> You are spreading FUD, since in the email you quoted Evilham never
> said the infra was compromised.
Here is the complete sentence from Evilham's email [1]. If you didn't
see it you didn't scroll down to read the full email. Evilham quotes
his earlie
Let it go, Mike. At one level, I postponed some updates until the
"issue" was resolved, so I got caught in the joke. At another level, it
was funny that I allowed myself get drawn in. So what?
The Devuan team is working their asses off, with no requirement for
compensation (have you donated?) to b
On 4/1/19 11:46 PM, KatolaZ wrote:
> I find it hilarious
communities should be fun, glad you can laugh with some of the bs
written in the dng "law & order" drama.
to be honest, it's nice to see natural human behavior from a sysadm, for
a change. (trust level +1 for humans )
without-systemd, not
On Mon, Apr 01, 2019 at 02:28:48PM -0700, Mike Bird wrote:
> On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
> > For me that is good enough.
>
> When core team member Evilham writes "it still looks as
> if gdo and the build system were compromised" [1] I need a
> lot more than a limited adm
Dear Mike.
Mike Bird - 01.04.19, 22:52:
> On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> > 1) please give any requests for removing one of the core members
> > from the project or using legal enforcement a rest. KatolaZ
> > apologized already several times. So please let it go.
>
> I ha
On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
> For me that is good enough.
When core team member Evilham writes "it still looks as
if gdo and the build system were compromised" [1] I need a
lot more than a limited admission of guilt from KatolaZ
before trusting that Evilham was mistaken
Quoting KatolaZ (kato...@freaknet.org):
> Dear D1rs,
>
> we have analysed in depth the attack from the "Green Hat Hackers" that
> compromised the Devuan infrastructure in the last hours, and we
> concluded that you all are:
>
>* APRIL FOOLS *
It was well done, IMO. I'm impressed as
Quoting Arnt Karlsen (a...@iaksess.no):
> > disagree.
> > security can be joked about too: https://xkcd.com/538/
With a $5 wrench, silly (or spanner, depending on your geography).
--
Cheers, The Viking's Reminder:
Rick Moen
Rowland Penny via Dng - 01.04.19, 22:37:
> The stunt pulled here could have caused alarm and distress and should
> never have happened. I do not know if this was a one person stunt or
> not, but in my opinion, the guy who pulled it should offer a
> grovelling apology and promise to never do anythin
On Mon April 1 2019 13:55:28 Antony Stone wrote:
> On Monday 01 April 2019 at 22:52:34, Mike Bird wrote:
> > None of the other core team members have commented on this fiasco.
> > I look forward to hearing that they have taken appropriate action.
>
> What, in your opinion, would be "appropriate"?
Martin Steigerwald - 01.04.19, 22:25:
> 1) please give any requests for removing one of the core members from
> the project or using legal enforcement a rest. KatolaZ apologized
> already several times. So please let it go.
>
> 2) KatolaZ, could you repost your clarifying statement in thread
> "de
On Monday 01 April 2019 at 22:52:34, Mike Bird wrote:
> None of the other core team members have commented on this fiasco.
> I look forward to hearing that they have taken appropriate action.
What, in your opinion, would be "appropriate"?
Antony.
--
#define SIX 1+5
#define NINE 8+1
int main(
KatolaZ - 01.04.19, 22:46:
> Martin, All,
>
> all my messages have always been signed, so I don't understand what
> you are referring to. This message is signed as well, with my key,
> which is the same I used to sign all the Devuan install images since
> Jessie RC2 in April 2017, and minimal live
On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> 1) please give any requests for removing one of the core members from the
> project or using legal enforcement a rest. KatolaZ apologized already
> several times. So please let it go.
I have not threatened "legal enforcement" against Devuan.
Martin, All,
all my messages have always been signed, so I don't understand what
you are referring to. This message is signed as well, with my key,
which is the same I used to sign all the Devuan install images since
Jessie RC2 in April 2017, and minimal live since Jessie Beta 2 in
November 2016.
On Monday 01 April 2019 at 22:12:45, Mike Bird wrote:
> An email claiming it was all a joke does nothing to prove the system
> secure even if it happens to be true.
It doesn't prove it to be secure, no, but it confirms that it's no less secure
than it was before the joke was perpetrated.
> It c
On Mon, 1 Apr 2019 20:18:01 +
Daniel Abrecht via Dng wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> It's now clear that this was a planned action and there was no danger.
> But when it happened, this wasn't obvious in any way. I assume the
> other staff members knew about it,
Hi.
1) please give any requests for removing one of the core members from the
project or using legal enforcement a rest. KatolaZ apologized already several
times. So please let it go.
2) KatolaZ, could you repost your clarifying statement in thread "devuan.org is
back" signed with your gpg key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
It's now clear that this was a planned action and there was no danger.
But when it happened, this wasn't obvious in any way. I assume the
other staff members knew about it, was it discussed at the last meeting?
I really like April Fools, but this wa
On Mon April 1 2019 12:44:05 Antony Stone wrote:
> No, I have complied with my country's laws regarding personal data
> protection and taken "appropriate technical and organisational measures" to
> ensure the security of the systems.
You do not seem to understand security. Once there is the possi
Evilham via Dng writes:
Evilham via Dng writes:
(*): **to my knowledge** means that I am still trusting the
communications and the project, even if I decided keep in place
the
temporarily disconnect of my systems from devuan's infra.
FWIW if anyone cares, I checked what I could and things
On Monday 01 April 2019 at 21:27:25, Mike Bird wrote:
> On Mon April 1 2019 12:18:53 Antony Stone wrote:
> > If this incident has made you distrust the Devuan project, you're
> > probably better off using a different distro.
>
> Are you a sysadmin?
Yes.
> Are you responsible for other people's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
On 2/4/19 4:13 am, Dimitris via Dng wrote:
> On 4/1/19 7:49 PM, Arnt Karlsen wrote:
>> ..this cartoon is used in production how? ;o)
>
> snowden told us how.
>
> dev1 joke affected production devuan systems how?
There is just so much wrong ab
I have complete trust in the complete Devuan team. Having been around
since the start, I know and have emailed/irc most if not all since the
beginning.
The clues were there from the start. If this is the worst that ever
happens to you, consider yourself lucky. After forty years in
telecommuni
Mike Bird [01.04.2019 20:43]:
> Authorised access does not make wrongdoing lawful. The other Devuan
> admins urgently need to remove you, consult a lawyer or the police,
> replace all authorisation tokens and keys, and rebuild from trusted
> sources.
>
> Or they could let Devuan revert to a toy
On Mon April 1 2019 12:18:53 Antony Stone wrote:
> If this incident has made you distrust the Devuan project, you're probably
> better off using a different distro.
Are you a sysadmin? Are you responsible for other people's data?
Let's say you have the misfortune to have one of your servers hack
On Monday 01 April 2019 at 21:15:13, Mike Bird wrote:
> On Mon April 1 2019 11:51:46 Antony Stone wrote:
> > So, you did not believe one of the primary project contributors when he
> > admits to having created the hoax?
>
> He has proven himself unworthy of trust.
No, he's demonstrated that he m
On Mon April 1 2019 11:51:46 Antony Stone wrote:
> So, you did not believe one of the primary project contributors when he
> admits to having created the hoax?
He has proven himself unworthy of trust.
The only question is whether the other four choose to fix the
problem in a sufficiently transpar
On Monday 01 April 2019 at 20:39:27, Mike Bird wrote:
> On Mon April 1 2019 11:12:34 Antony Stone wrote:
> > On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> > Which part of the following did you not understand?
>
> The post was easy to understand.
>
> It may be true. Or maybe not.
So,
On Mon April 1 2019 11:30:34 KatolaZ wrote:
> > I know nothing of Italian law but whether or not the incident
> > should be referred for criminal prosecution is a question you
> > should already be discussing with your lawyers or the police.
>
> Yeah, let's tell the Italian police that an administr
On Mon April 1 2019 11:12:34 Antony Stone wrote:
> On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> Which part of the following did you not understand?
The post was easy to understand.
It may be true. Or maybe not.
Sysadmins are entrusted with people's data - their
bank accounts and cr
On Mon, Apr 01, 2019 at 11:05:11AM -0700, Mike Bird wrote:
>
> There are two very real problems: (1) the untrustworthy person
> with access to Devuan's infrastructure and (2) Devuan's thus-far
> totally inadequate response to a serious security incident.
>
There was no "untrhustworthy person" a
you can always fork devuan and make a distro without-sense-of-humor :P
signature.asc
Description: OpenPGP digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> This attack...
It was not an attack.
> Any security lapse is serious.
It was not a security lapse.
> Claiming the incident was not serious does not make it less so,
However, admitting that it was a (possibly misguided) April Fool's prank
On Mon April 1 2019 06:29:10 Evilham via Dng wrote:
> Further clarifying things: **to my knowledge**(*) nothing has been
> compromised, but it is indeed a very elaborated prank.
Redirecting a web site is a juvenile and trivial edit that anybody
with access can do in seconds.
But if that was all,
On 4/1/19 7:49 PM, Arnt Karlsen wrote:
> ..this cartoon is used in production how? ;o)
snowden told us how.
dev1 joke affected production devuan systems how?
d.
=== JOKE BELOW - PROCEED WITH CAUTION ===
i can also confirm that dev1 systems i run, weren't affected by the joke
bug, but just to
On Mon, 1 Apr 2019 19:23:49 +0300, Dimitris wrote in message
<5604fee1-d2c8-e254-59f1-2bde73640...@stinpriza.org>:
> On 4/1/19 7:04 PM, info at smallinnovations dot nl wrote:
> > be wiser then
> > joking about security
>
> disagree.
> security can be joked about too: https://xkcd.com/538/
..
On 4/1/19 7:04 PM, info at smallinnovations dot nl wrote:
> be wiser then
> joking about security
disagree.
security can be joked about too: https://xkcd.com/538/
signature.asc
Description: OpenPGP digital signature
___
Dng mailing list
Dng@lists.dyn
On 01-04-19 09:03, KatolaZ wrote:
> Dear D1rs,
>
> we have analysed in depth the attack from the "Green Hat Hackers" that
> compromised the Devuan infrastructure in the last hours, and we
> concluded that you all are:
>
>* APRIL FOOLS *
>
> :P
>
> Hope you enjoyed the new Devuan gopherh
Evilham via Dng writes:
(*): **to my knowledge** means that I am still trusting the
communications and the project, even if I decided keep in place
the
temporarily disconnect of my systems from devuan's infra.
FWIW if anyone cares, I checked what I could and things under my
control
are bac
On Mon, 1 Apr 2019 15:27:00 +0200, KatolaZ wrote in message
<20190401132700.psamqzizffz6r...@katolaz.homeunix.net>:
> As promised, on Apr. 1st 2019 at 1:04:19pm UTC the Devuan world
> started to make sense again. Please check:
>
>http://www.devuan.org
>http://git.devuan.org
>http://b
Hi KatolaZ.
KatolaZ - 01.04.19, 15:27:
> Again and to clarify once and for all: this was just an April fool. No
> machine was compromised. No content was moved, deleted, or tampered
> with in any way. Noone got access to the Devuan infra. No package or
> mirror was affected.
Thanks for clarifying
On 2019年4月1日 22:01:56 JST, lilo via Dng wrote:
>Il 01/04/19 09:03, KatolaZ ha scritto:
>> Dear D1rs,
>>
>> we have analysed in depth the attack from the "Green Hat Hackers"
>that
>> compromised the Devuan infrastructure in the last hours, and we
>> concluded that you all are:
>>
>>* APRI
Following is on a personal note after having tried to fix things
behind
curtains and to get something "official" out.
First things first and because I think somebody has to say it in
the
right tone the situation merits:
I am really sorry for the mess of today (+/- 13 hours because
timezones)
As promised, on Apr. 1st 2019 at 1:04:19pm UTC the Devuan world
started to make sense again. Please check:
http://www.devuan.org
http://git.devuan.org
http://bugs.devuan.org
http://pkginfo.devuan.org
http://files.devuan.org
http://popcon.devuan.org
The gopherholes will remain
Il 01/04/19 09:03, KatolaZ ha scritto:
> Dear D1rs,
>
> we have analysed in depth the attack from the "Green Hat Hackers" that
> compromised the Devuan infrastructure in the last hours, and we
> concluded that you all are:
>
>* APRIL FOOLS *
>
> :P
<3
i saw soon yestarday but lurki
On Mon, 1 Apr 2019 09:03:56 +0200, KatolaZ wrote in message
<20190401070356.6jbd7eiovhr7m...@katolaz.homeunix.net>:
> Dear D1rs,
>
> we have analysed in depth the attack from the "Green Hat Hackers" that
> compromised the Devuan infrastructure in the last hours, and we
> concluded that you all a
KatolaZ wrote on 01.04.19 09:03:
> Dear D1rs,
>
> we have analysed in depth the attack from the "Green Hat Hackers" that
> compromised the Devuan infrastructure in the last hours, and we
> concluded that you all are:
>
>* APRIL FOOLS *
>
> :P
D'oh!
A prank well executed from a pure
mett - 01.04.19, 05:38:
> On 2019年4月1日 11:03:36 JST, Hendrik Boom
wrote:
> >On Mon, Apr 01, 2019 at 01:35:30AM +0200, KatolaZ wrote:
> >> On Mon, Apr 01, 2019 at 12:21:58AM +0200, KatolaZ wrote:
> >>
> >> [cut]
> >>
> >> > Just to let you know that Devuan's caretakers got anonymous
> >> > email
KatolaZ wrote:
> * APRIL FOOLS *
Not funny. Came here to get away from the crap. Going back to Debian, or
maybe IBM Red Hat.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Dear D1rs,
we have analysed in depth the attack from the "Green Hat Hackers" that
compromised the Devuan infrastructure in the last hours, and we
concluded that you all are:
* APRIL FOOLS *
:P
Hope you enjoyed the new Devuan gopherholes, as they are most probably
going to stay. Every
69 matches
Mail list logo
