On Thu, July 30, 2015 14:20, Warren Young wrote:
>
> Did you see my exchange with James Byrne? His bogus counter to my
> claim that iPads canât be turned into botnet conscripts was to point
> (very indirectly) to a paper where some researchers found a way to
> jump through a whole bunch of hoo
On 7/31/2015 7:43 AM, Robert Wolfe wrote:
Firewalled to the outside world most likely.
and where's that? how could a default rule know the difference
between 'outside' and 'inside' without knowing specifics about your
LAN/WAN configuration ...many of my linux systems are in coloc
On 07/31/15 08:37, James B. Byrne wrote:
On Thu, July 30, 2015 12:54, Chris Murphy wrote:
On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
wrote:
Now I use Google. They offer MFA opt in. And now I'm more secure
than I was with the myopic ISP.
"More secure" only to the level one can trust
Firewalled to the outside world most likely.
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
John R Pierce
Sent: Thursday, July 30, 2015 4:41 PM
To: centos@centos.org
Subject: Re: [CentOS] Fedora change that will probably affect RHEL
On
that I set up.
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
Nathan Duehr
Sent: Thursday, July 30, 2015 4:24 PM
To: CentOS mailing list
Subject: Re: [CentOS] Fedora change that will probably affect RHEL
> On Jul 30, 2015, at 12
On 07/30/15 19:56, Always Learning wrote:
On Tue, 2015-07-28 at 14:27 -0600, Chris Murphy wrote:
The reality is all the bad practices happen because this
quickly provisioned machine is forgotten about for one reason or
another, and then it gets owned.
Linux users take a lot more care, and
On Thu, July 30, 2015 12:54, Chris Murphy wrote:
> On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
> wrote:
>
>>> Now I use Google. They offer MFA opt in. And now I'm more secure
>>> than I was with the myopic ISP.
>>
>> "More secure" only to the level one can trust google ;-)
>
> Yes I know, bu
On Jul 30, 2015, at 4:27 PM, Gordon Messmer wrote:
>
> On 07/30/2015 12:35 PM, Chris Murphy wrote:
>> No fail2ban, no firewall rules, sshd by default, challengeresponseauth
>> by default,
>
> ChallengeResponseAuth is not on by default, on Red Hat derived systems. I'm
> pretty sure that was alr
On Thu, 2015-07-30 at 12:46 -0500, Valeri Galtsev wrote:
> Google has always been in making profit on information [about us] they
> can collect. But in general you are right. Likelihood wise, I'll stick
> to my opinion ;-)
Hey, don't be greedy. Its our opinion too ;-)
--
Regards,
Paul.
Engla
On Thu, 2015-07-30 at 10:54 -0500, Valeri Galtsev wrote:
> "More secure" only to the level one can trust google ;-)
Trust and Google are mutually incompatible ;-)
> Just my $0.02
That's my €0.02
--
Regards,
Paul.
England, EU. England's place is in the European Union.
_
On Tue, 2015-07-28 at 14:46 -0600, Chris Murphy wrote:
> Windows Server has power shell disabled by default. The functional
> equivalent, sshd, is typically enabled on Linux servers. So I think
> it's overdue that sshd be disabled on Linux servers by default,
> especially because the minimum pass
On Tue, 2015-07-28 at 14:27 -0600, Chris Murphy wrote:
> The reality is all the bad practices happen because this
> quickly provisioned machine is forgotten about for one reason or
> another, and then it gets owned.
Linux users take a lot more care, and pride, in maintaining their
systems well a
On 07/30/2015 12:35 PM, Chris Murphy wrote:
No fail2ban, no firewall rules, sshd by default, challengeresponseauth
by default,
ChallengeResponseAuth is not on by default, on Red Hat derived systems.
I'm pretty sure that was already clarified, much earlier in this thread.
and a 9 character
On 7/30/2015 2:23 PM, Nathan Duehr wrote:
>On Jul 30, 2015, at 12:20, Warren Young wrote:
>
>Meanwhile over here in CentOS land, you still see SSH password guessers
banging on every public IP that responds to port 22. Why? Because it still
occasionally works. Increase the password strength
> On Jul 30, 2015, at 12:20, Warren Young wrote:
>
> Meanwhile over here in CentOS land, you still see SSH password guessers
> banging on every public IP that responds to port 22. Why? Because it still
> occasionally works. Increase the password strength minima, and this class of
> worm, t
Tom Bishop wrote:
> On Thu, Jul 30, 2015 at 1:20 PM, Warren Young wrote:
>> On Jul 29, 2015, at 5:40 PM, Chris Murphy
>> wrote:
>> > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young
>> wrote:
>> >
>> >> Security is *always* opposed to convenience.
>> >
>> > False. OS X by default runs only signed
On Thu, Jul 30, 2015 at 12:20 PM, Warren Young wrote:
> On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
>>
>> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>>
>>> Security is *always* opposed to convenience.
>>
>> False. OS X by default runs only signed binaries, and if they come
>> fro
On 7/30/2015 12:17 PM, Warren Young wrote:
No, what happens is that you call up your ISP to ask them for help blocking off
the DDoS attack, and you either get blown off or transferred to their sales
department to buy a “solution” to a problem they allow to exist because it
brings in extra reve
On Jul 29, 2015, at 6:19 PM, Nathan Duehr wrote:
>
>> On Jul 28, 2015, at 6:32 PM, Warren Young wrote:
>>
>> Now we have entrenched commercial interests that get paid more when you get
>> DDoS’d. I’ll give you one guess what happens in such a world.
>
> What happens? Folks have to think hard
On Thu, Jul 30, 2015 at 1:20 PM, Warren Young wrote:
> On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
> >
> > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
> >
> >> Security is *always* opposed to convenience.
> >
> > False. OS X by default runs only signed binaries, and if they come
On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
>
> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>
>> Security is *always* opposed to convenience.
>
> False. OS X by default runs only signed binaries, and if they come
> from the App Store they run in a sandbox. User gains significant
On Thu, July 30, 2015 11:54 am, Chris Murphy wrote:
> On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
> wrote:
>
>>> Now I use Google. They offer MFA opt in. And now I'm more secure than
>>> I was with the myopic ISP.
>>
>> "More secure" only to the level one can trust google ;-)
>
> Yes I know,
On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
wrote:
>> Now I use Google. They offer MFA opt in. And now I'm more secure than
>> I was with the myopic ISP.
>
> "More secure" only to the level one can trust google ;-)
Yes I know, but I put them in approximately the same ballpark as
having to tr
On Thu, Jul 30, 2015 at 9:10 AM, Lamar Owen wrote:
> On 07/29/2015 07:40 PM, Chris Murphy wrote:
>>
>> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>>
>>> Security is *always* opposed to convenience.
>>
>> False. OS X by default runs only signed binaries, and if they come
>> from the App
On Thu, Jul 30, 2015 at 8:32 AM, Lamar Owen wrote:
>From a hacked Linux server which was brute-forced and
> conscripted into being a slow bruteforcer node back in 2009 or so.
...
> Better enforcement of password policy on that server would have prevented
> the attack from succeeding and the machi
On Wed, July 29, 2015 4:16 pm, Chris Murphy wrote:
> On Wed, Jul 29, 2015 at 2:15 PM, Warren Young wrote:
>> Just because one particular method of prophylaxis fails to protect
>> against all threats doesnât mean we should stop using it, or increase
>> its strength.
>
> Actually it does.There is
On 07/29/2015 05:19 PM, Nathan Duehr wrote:
fail2ban isn’t in the stock package repo for CentOS 7, much less installed and
configured default. Until it is, it’s off-topic for this thread.
Didn’t realize that. Brilliant move, removing it… (rolls eyes at RH)…
I don't think it was removed... I
On 07/29/2015 07:40 PM, Chris Murphy wrote:
On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
Security is *always* opposed to convenience.
False. OS X by default runs only signed binaries, and if they come
from the App Store they run in a sandbox. User gains significant
security with this,
On 07/28/2015 03:06 PM, Chris Adams wrote:
Once upon a time, Warren Young said:
Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
botnets — is done on pnwed hardware, much of which was compromised by previous
botnets banging on weak SSH passwords.
Since most of tha
> On Jul 28, 2015, at 6:32 PM, Warren Young wrote:
>
> On Jul 28, 2015, at 4:37 PM, Nathan Duehr wrote:
>>
>>> On Jul 28, 2015, at 11:27, Warren Young wrote:
>>>
>>> So no, your local password quality policy is not purely your own concern.
>>
>> Other than DDoS which is a problem of enginee
On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
> Security is *always* opposed to convenience.
False. OS X by default runs only signed binaries, and if they come
from the App Store they run in a sandbox. User gains significant
security with this, and are completely unaware of it. There is n
On Jul 29, 2015, at 3:16 PM, Chris Murphy wrote:
>
> On Wed, Jul 29, 2015 at 2:15 PM, Warren Young wrote:
>> Just because one particular method of prophylaxis fails to protect against
>> all threats doesn’t mean we should stop using it, or increase its strength.
>
> Actually it does.There is n
On Jul 29, 2015, at 2:51 PM, Nathan Duehr wrote:
>
>> On Jul 28, 2015, at 5:46 PM, Warren Young wrote:
>>
>> The Apple ID password rules are a fair bit stronger than the libpwquality
>> rules we’ve been discussing here, and have been so for some time:
>
> Disingenuous. It does not REQUIRE you
On Wed, Jul 29, 2015 at 2:15 PM, Warren Young wrote:
> Just because one particular method of prophylaxis fails to protect against
> all threats doesn’t mean we should stop using it, or increase its strength.
Actually it does.There is no more obvious head butting than with
strong passwords vs usa
> On Jul 28, 2015, at 5:46 PM, Warren Young wrote:
>
> The Apple ID password rules are a fair bit stronger than the libpwquality
> rules we’ve been discussing here, and have been so for some time:
>
> https://support.apple.com/en-us/HT201303
>
> Given that recent OS X releases want to use yo
On Jul 28, 2015, at 8:50 PM, Chris Murphy wrote:
>
> On Tue, Jul 28, 2015 at 6:32 PM, Warren Young wrote:
>> On Jul 28, 2015, at 4:37 PM, Nathan Duehr wrote:
>
>>> Equating this to “vaccination” is a huge stretch.
>>
>> Why?
>
> It's not just an imperfect analogy it really doesn't work on cl
On Jul 28, 2015, at 8:37 PM, Gordon Messmer wrote:
>
> On 07/28/2015 04:29 PM, Warren Young wrote:
>> They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the
>> previous low-hanging fruit. Do you think those were bad decisions, too?
>
> As far as I know, PermitRootLogin has n
On Jul 29, 2015, at 7:24 AM, James B. Byrne wrote:
>
>
> On Tue, July 28, 2015 19:46, Warren Young wrote:
>>
>> iPads canât be coopted into a botnet. The rules for iPad passwords
>> must necessarily be different than for CentOS.
>>
>
> http://www.tomsguide.com/us/ios-botnet-hacking,news-19
On Wed, Jul 29, 2015 at 06:20:44AM -0500, Johnny Hughes wrote:
> > You (and others) are misunderstanding my off-the-cuff remark.
> > It was purely an observation about the lack of statistics.
> > I rarely if ever see a statement of the kind
> > "Among Fedora users 37% use KDE and 42% Gnome".
> >
On Wed, Jul 29, 2015 at 05:58:51AM -0400, Scott Robbins wrote:
> I've seen various decisions made by Fedora, which weren't even necessarily
> bad for its apparent target audience, the desktop user, that, while not
> insurmountable, get put into RHEL, and therefore CentOS.
I would highly recommend
On Tue, July 28, 2015 19:46, Warren Young wrote:
>
> iPads canât be coopted into a botnet. The rules for iPad passwords
> must necessarily be different than for CentOS.
>
http://www.tomsguide.com/us/ios-botnet-hacking,news-19253.html
--
*** e-Mail is NOT a SECURE channel **
On 07/29/2015 06:00 AM, Timothy Murphy wrote:
> Chris Murphy wrote:
>
No, I am making the assumption that the vast majority of CentOS installs
are racked up in datacenters, VPS hosts, etc.
>
>>> Is that true, I wonder?
>>> For some reason Fedora and CentOS seem reluctant to find out any
Chris Murphy wrote:
>>> No, I am making the assumption that the vast majority of CentOS installs
>>> are racked up in datacenters, VPS hosts, etc.
>> Is that true, I wonder?
>> For some reason Fedora and CentOS seem reluctant to find out anything
>> about their users (or what their users want).
On Tue, Jul 28, 2015 at 07:37:45PM -0700, Gordon Messmer wrote:
> On 07/28/2015 04:29 PM, Warren Young wrote:
> >They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the
> >previous low-hanging fruit. Do you think those were bad decisions, too?
>
> As far as I know, PermitRootLo
On Tue, Jul 28, 2015 at 08:01:21PM -0600, Chris Murphy wrote:
> On Tue, Jul 28, 2015 at 6:17 PM, Timothy Murphy wrote:
> > Warren Young wrote:
> >
> >
> >> No, I am making the assumption that the vast majority of CentOS installs
> >> are racked up in datacenters, VPS hosts, etc.
> >
> > Is that tr
On Tue, Jul 28, 2015 at 6:32 PM, Warren Young wrote:
> On Jul 28, 2015, at 4:37 PM, Nathan Duehr wrote:
>> Equating this to “vaccination” is a huge stretch.
>
> Why?
It's not just an imperfect analogy it really doesn't work on closer scrutiny.
Malware itself is not a good analog to antigens. V
On 07/28/2015 04:29 PM, Warren Young wrote:
They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the
previous low-hanging fruit. Do you think those were bad decisions, too?
As far as I know, PermitRootLogin has not been set to "no" by default.
At least, I've never seen that
On 07/28/2015 09:01 PM, Chris Murphy wrote:
> On Tue, Jul 28, 2015 at 6:17 PM, Timothy Murphy wrote:
>> Warren Young wrote:
>>
>>
>>> No, I am making the assumption that the vast majority of CentOS installs
>>> are racked up in datacenters, VPS hosts, etc.
>>
>> Is that true, I wonder?
>> For some
On Tue, Jul 28, 2015 at 6:17 PM, Timothy Murphy wrote:
> Warren Young wrote:
>
>
>> No, I am making the assumption that the vast majority of CentOS installs
>> are racked up in datacenters, VPS hosts, etc.
>
> Is that true, I wonder?
> For some reason Fedora and CentOS seem reluctant to find out a
On Tue, Jul 28, 2015 at 5:46 PM, Warren Young wrote:
> On Jul 28, 2015, at 2:46 PM, Chris Murphy wrote:
>>
>> My dad will absolutely stop using his iPad if it ever
>> requires him to use anything more than 4 numeric digits for his
>> password. The iPad never leaves the house.
>
> iPads can’t be c
On Jul 28, 2015, at 7:05 PM, Chris Murphy wrote:
>
> no OS does this right now
Chrome OS does, because your OS password is your Google password. Therefore,
Chrome OS’s password quality minima are Google’s minima, which are similar to
libpwquality’s defaults:
http://passrequirements.com/pas
On Jul 28, 2015, at 5:17 PM, Chris Murphy wrote:
>
> On Tue, Jul 28, 2015 at 4:34 PM, Warren Young wrote:
>> But as I have repeatedly pointed out here, the stock rules really are not
>> that onerous. They basically encode best practices established 20 years ago.
>
> In order to protect a syst
On Tue, Jul 28, 2015 at 5:29 PM, Warren Young wrote:
> On Jul 28, 2015, at 2:27 PM, Chris Murphy wrote:
>>
>> On Tue, Jul 28, 2015 at 11:27 AM, Warren Young wrote:
>>
>>> Your freedom to use any password you like stops at the point where
>>> exercising that freedom creates a risk to other peopl
On Jul 28, 2015, at 4:37 PM, Nathan Duehr wrote:
>
>> On Jul 28, 2015, at 11:27, Warren Young wrote:
>>
>> So no, your local password quality policy is not purely your own concern.
>
> Other than DDoS which is a problem of engineering design of how the network
> operates (untrusted anything c
On Wed, Jul 29, 2015 at 02:17:23AM +0200, Timothy Murphy wrote:
> Is that true, I wonder?
> For some reason Fedora and CentOS seem reluctant to find out anything
> about their users (or what their users want).
I can't speak for CentOS, but Fedora, at least, this is absolutely not
true. It's just a
Warren Young wrote:
> No, I am making the assumption that the vast majority of CentOS installs
> are racked up in datacenters, VPS hosts, etc.
Is that true, I wonder?
For some reason Fedora and CentOS seem reluctant to find out anything
about their users (or what their users want).
Is anything
On Jul 28, 2015, at 2:46 PM, Chris Murphy wrote:
>
> My dad will absolutely stop using his iPad if it ever
> requires him to use anything more than 4 numeric digits for his
> password. The iPad never leaves the house.
iPads can’t be coopted into a botnet. The rules for iPad passwords must
nece
On Jul 28, 2015, at 2:27 PM, Chris Murphy wrote:
>
> On Tue, Jul 28, 2015 at 11:27 AM, Warren Young wrote:
>
>> Your freedom to use any password you like stops at the point where
>> exercising that freedom creates a risk to other people’s machines.
>
> Your freedom to have sshd enabled by def
On Tue, Jul 28, 2015 at 4:34 PM, Warren Young wrote:
> That’s only true if the majority of people will in fact override the default
> policy.
The current behavior in Fedora and CentOS lets you click Done twice
and bypass the weak password complaint.
> But as I have repeatedly pointed out here
> On Jul 28, 2015, at 11:27, Warren Young wrote:
>
> On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote:
>>
>> 1FuckingPrettyRose
>> "Sorry, you must use no fewer than 20 total characters."
>> 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow!
>> "Sorry, you cannot use punctu
On Jul 28, 2015, at 1:06 PM, Chris Adams wrote:
>
> Once upon a time, Warren Young said:
>> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
>> botnets — is done on pnwed hardware, much of which was compromised by
>> previous botnets banging on weak SSH passwords.
>
On 07/28/2015 02:08 PM, Chris Murphy wrote:
The whole idea of IPv6 is that, with proper authentication and
encryption, we can access any device anywhere. So firewalling
everything centrally would appear to break that.
I think you're assuming that IPv6 carries with it a policy, when it is
mer
On 07/28/2015 02:15 PM, John R Pierce wrote:
PowerShell does not by itself allow external connections, you'd need
to configure a telnetd or sshd server to allow that
WinRM, more likely. Though I understand the MS is working on an SSH
server for powershell for some future release.
___
On 7/28/2015 1:46 PM, Chris Murphy wrote:
Windows Server has power shell disabled by default. The functional
equivalent, sshd, is typically enabled on Linux servers.
to be pedantic about it, the equivalent of PowerShell is NOT sshd, its
bash/ksh/csh/zsh/sh ... PowerShell does not by itself a
On Tue, Jul 28, 2015 at 3:10 PM, Robert Wolfe wrote:
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
> Of Chris Murphy
> Sent: Tuesday, July 28, 2015 3:46 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Fedor
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
Chris Murphy
Sent: Tuesday, July 28, 2015 3:46 PM
To: CentOS mailing list
Subject: Re: [CentOS] Fedora change that will probably affect RHEL
[...]
What you said:
"Windows Server has
On Tue, Jul 28, 2015 at 3:04 PM, Gordon Messmer
wrote:
> On 07/28/2015 01:46 PM, Chris Murphy wrote:
>>
>> Future concern is IPv6 stuff, now that Xfinity has forcibly changed
>> their hardware to include full IPv6 support. I have no idea if this is
>> NAT'd or rolling IPs or what.
>
>
> All of the
On 07/28/2015 01:46 PM, Chris Murphy wrote:
Future concern is IPv6 stuff, now that Xfinity has forcibly changed
their hardware to include full IPv6 support. I have no idea if this is
NAT'd or rolling IPs or what.
All of the routers I've seen merely firewall inbound traffic, allowing
none. The
On Tue, Jul 28, 2015 at 1:06 PM, Chris Adams wrote:
> Once upon a time, Warren Young said:
>> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
>> botnets — is done on pnwed hardware, much of which was compromised by
>> previous botnets banging on weak SSH passwords.
On Tue, Jul 28, 2015 at 11:27 AM, Warren Young wrote:
> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
> botnets — is done on pnwed hardware, much of which was compromised by
> previous botnets banging on weak SSH passwords.
>
> Your freedom to use any password you
On Tue, Jul 28, 2015 at 02:20:06PM -0500, Johnny Hughes wrote:
> If RHEL releases source code that does not accept weak passwords, then
> we will rebuild that source code for CentOS Linux. If they later change
> the source code to add back weak password support, we will rebuild that too.
>
> Whet
On 07/28/2015 02:06 PM, Chris Adams wrote:
> Once upon a time, Warren Young said:
>> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
>> botnets — is done on pnwed hardware, much of which was compromised by
>> previous botnets banging on weak SSH passwords.
>
> Since
Once upon a time, Warren Young said:
> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
> botnets — is done on pnwed hardware, much of which was compromised by
> previous botnets banging on weak SSH passwords.
Since most of that crap comes from Windows hosts, the sec
On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote:
>
>1FuckingPrettyRose
> "Sorry, you must use no fewer than 20 total characters."
> 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow!
> "Sorry, you cannot use punctuation."
>1FuckingPrettyRoseShovedUpYourAssIfYouDontGiveMe
On Jul 25, 2015, at 9:40 AM, Scott Robbins wrote:
>
> This might show up twice, I think I sent it from a bad address previously.
> If so, please accept my apologies.
I’d rather have your apology for trying to raise a zombie:
https://www.mail-archive.com/centos%40centos.org/msg108580.html
We
On 07/26/2015 08:13 AM, Johnny Hughes wrote:
> On 07/25/2015 05:00 PM, Gordon Messmer wrote:
>> On 07/25/2015 11:45 AM, Jake Shipton wrote:
>>> I think a better solution to suite both worlds would be to simply have a
>>> boot flag on the installation media such as maybe
>>> "passwordcheck=true/fals
On 07/25/2015 05:00 PM, Gordon Messmer wrote:
> On 07/25/2015 11:45 AM, Jake Shipton wrote:
>> I think a better solution to suite both worlds would be to simply have a
>> boot flag on the installation media such as maybe
>> "passwordcheck=true/false"
>
> https://xkcd.com/1172/
>
> It's practicall
On Sat, 25 Jul 2015 11:16:18 -0600
Chris Murphy wrote:
> On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins wrote:
> > This might show up twice, I think I sent it from a bad address previously.
> > If so, please accept my apologies.
> >
> >
> > In Fedora 22, one developer (and only one) decided tha
On 07/25/2015 11:45 AM, Jake Shipton wrote:
I think a better solution to suite both worlds would be to simply have a
boot flag on the installation media such as maybe
"passwordcheck=true/false"
https://xkcd.com/1172/
It's practically a law that every time someone's workflow is broken,
they re
On 25/07/15 18:24, Scott Robbins wrote:
> On Sat, Jul 25, 2015 at 11:16:18AM -0600, Chris Murphy wrote:
>> On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins wrote:
>>> This might show up twice, I think I sent it from a bad address previously.
>>> If so, please accept my apologies.
>>>
>>>
>>> In Fed
On Sat, Jul 25, 2015 at 11:16:18AM -0600, Chris Murphy wrote:
> On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins wrote:
> > This might show up twice, I think I sent it from a bad address previously.
> > If so, please accept my apologies.
> >
> >
> > In Fedora 22, one developer (and only one) decide
On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins wrote:
> This might show up twice, I think I sent it from a bad address previously.
> If so, please accept my apologies.
>
>
> In Fedora 22, one developer (and only one) decided that if the password
> chosen during installation wasn't of sufficient
This might show up twice, I think I sent it from a bad address previously.
If so, please accept my apologies.
In Fedora 22, one developer (and only one) decided that if the password
chosen during installation wasn't of sufficient strength, the install
wouldn't continue. A bug was filed, and t
83 matches
Mail list logo
