Okay, STeve. Right on. I see no need to discuss this topic here. I am more interested in the differences in perspective of Theo and Linus. I addressed Linus' blog out of interest in his concern in the ongoing developments. Even then, I consider Linux to be a kernel packaged with a bunch of ancillary programs from GNU. I am happy to be composing this email on my primary OpenBSD system. Daniel
On Sat, Sep 17, 2011 at 3:57 AM, STeve Andre' <[email protected]> wrote: > Linux is not OpenBSD, it's Linux. What happens there does not affect > OpenBSD. Likely at some point it will be revealed what happened. At > any rate it isn't germane to these lists. > > --STeve Andre' > > > On 09/17/11 03:40, Daniel Villarreal wrote: > >> I'm still worried, though. There's some mystery involved, how did "they" >> get >> root ? >> >> http://isc.sans.edu/diary.**html?storyid=11497<http://isc.sans.edu/diary.html?storyid=11497> >> >> kernel.org is indicating "Down for maintenance." Ouch. >> >> http://www.linuxfoundation.**org/ <http://www.linuxfoundation.org/> has >> some information, but they're still >> "investigating." >> >> Looking at Linus' plus.google.com account doesn't give much information, >> either. >> >> Wondering when and if we can expect results on the compromise. >> >> Hmm. >> Daniel >> >> >> On Wed, Sep 14, 2011 at 2:15 PM, Kevin Chadwick<[email protected]** >> >wrote: >> >> On Tue, 13 Sep 2011 22:38:27 -0700 >>> lancebaynes87 wrote: >>> >>> I love OBSD, and I don't want it to fail like kernel.org: >>>> >>> >>> What happened, a ssh account password was stolen followed by local >>> privile;-Dge escalation. >>> >>> They have said that as far as code goes, no harm was done. The worrying >>> part was how the admins handled the server afterwards (just reboot and >>> see what happens isn't exactly a strategy and could make things >>> much worse). I guess that's because they don't really care too much >>> about the server aside from functionality as the code is protected by >>> the developers many systems and eyes. >>> >>> I'm also not sure if the hacked servers were running the website.
