Am 9. April 2019 10:53:40 MESZ schrieb aitor :
>Hi all,
>
>On 4/2/19 7:35 PM, Andrew McGlashan wrote:
>> Many April Fools are done/around/ the time of 1st April some
>get
>> in early on purpose, irregardless of time zones.
>>
>> Still, moving on; we've been promised that this won't happen
Hi all,
On 4/2/19 7:35 PM, Andrew McGlashan wrote:
Many April Fools are done/around/ the time of 1st April some get
in early on purpose, irregardless of time zones.
Still, moving on; we've been promised that this won't happen again.
Thank you.
Cheers
I didn't know about april's fools
On 4/2/19 6:14 PM, hal wrote:
>
>
> On 4/1/19 1:30 PM, KatolaZ wrote:
>
>>
>> There was no attack. There was no security incident. It was an April
>> fool. We have clarified that several times. I have apologised for
>> that. I am very sorry for the distress caused :\
>
> I think it's
On Tue, 2019-04-02 at 09:21 +0200, marc...@welz.org.za wrote:
> Weirdly enough I trust devuan a bit more after this incident:
Yup, same here. A good prank on Apr 1 is perfectly in keeping with the
finest UNIX traditions. It is the humorless scolds who should be
suspected.
Seeing the poo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2/4/19 11:33 pm, Rowland Penny via Dng wrote:
> On Tue, 2 Apr 2019 14:28:52 +0200 Arnt Karlsen
> wrote:
>
>> On Tue, 2 Apr 2019 14:29:46 +0300, Dimitris wrote in message
>> :
>>
>>> - TZ difference is bad. we should all go GMT or something
On Mon, Apr 01, 2019 at 08:37:43PM -0500, goli...@dyne.org wrote:
>
> Apologies for the tardy response but I'm on my way to AMS atm and don't own
> a mobile device to keep current.
Sadly, I won't be meeting any of you in AMS next weekend. I'm rooted
to Montreal for medical reasons.
-- hendrik
Anno domini 2019 Tue, 2 Apr 13:33:20 +0100
Rowland Penny via Dng scripsit:
> On Tue, 2 Apr 2019 14:28:52 +0200
> Arnt Karlsen wrote:
>
> > On Tue, 2 Apr 2019 14:29:46 +0300, Dimitris wrote in message
> > :
> >
> > > - TZ difference is bad. we should all go GMT or something unique,
> > > and
On Tue, 2 Apr 2019 14:28:52 +0200
Arnt Karlsen wrote:
> On Tue, 2 Apr 2019 14:29:46 +0300, Dimitris wrote in message
> :
>
> > - TZ difference is bad. we should all go GMT or something unique,
> > and know when april fools starts/ends.
>
> ..disagreed, good pranks can use the extra bonus
On Tue, 2 Apr 2019 14:29:46 +0300, Dimitris wrote in message
:
> - TZ difference is bad. we should all go GMT or something unique, and
> know when april fools starts/ends.
..disagreed, good pranks can use the extra bonus time. ;o)
--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
On 4/2/19 9:14 AM, Ralph Ronnquist via Dng wrote:
> This ancient religion that I just made up relies on goat liver for
> guidance in professional decisions. I'll confer with my butcher.
vegetarian-wanna-be here. my spiritual leader (=gardener) suggested i
try water. indeed, i could reproduce,
On 4/1/19 8:05 PM, Mike Bird wrote:
Anyone using Devuan in production will, like us, have frozen
updates for now. This situation cannot persist long. If
Devuan/VUA cannot quickly prove itself worthy of trust we too
will have to rebuild our systems, and in doing so migrate away
from Devuan.
On Mon, Apr 01, 2019 at 12:27:25PM -0700, Mike Bird wrote:
> On Mon April 1 2019 12:18:53 Antony Stone wrote:
> > If this incident has made you distrust the Devuan project, you're probably
> > better off using a different distro.
>
> Are you a sysadmin? Are you responsible for other people's
On 4/1/19 1:30 PM, KatolaZ wrote:
>
There was no attack. There was no security incident. It was an April
fool. We have clarified that several times. I have apologised for
that. I am very sorry for the distress caused :\
I think it's noteworthy when a person steps up and owns a mistake.
> The surviving Devuan core team members will take zero or
> more steps to prove Devuan trustworthy and sysadmins will
> each decide for themselves or with their lawyers whether
> they can continue to use Devuan.
Weirdly enough I trust devuan a bit more after this incident:
- I now know that
Mike Bird wrote on 2/4/19 5:02 pm:
> The surviving Devuan core team members will take zero or
> more steps to prove Devuan trustworthy and sysadmins will
> each decide for themselves or with their lawyers whether
> they can continue to use Devuan.
This ancient religion that I just made up relies
On Mon April 1 2019 22:49:31 Steve Litt wrote:
> Mike, please speak for yourself. I get it: This incident caused you to
> take evasive action, and now you have serious doubts about using Devuan
> further. That's fine: There are other sans-systemd distros and BSDS
> that might be more or less
On Mon, 1 Apr 2019 13:52:34 -0700
Mike Bird wrote:
> On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> > 1) please give any requests for removing one of the core members
> > from the project or using legal enforcement a rest. KatolaZ
> > apologized already several times. So please let it
On 2019-04-01 15:18, Daniel Abrecht via Dng wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I assume the other staff members knew about it, was it discussed > at
the last meeting?
I was not aware of any discussion about this action. If I had been, I
would have done my best to stop
On 4/1/19 5:14 PM, Rick Moen wrote:
Quoting Mike Bird (mgb-dev...@yosemite.net):
[...]
KatolaZ has admitted guilt. Evilham has suggested an offline
"discussion" in a few days - a positive but inadequate response.
None of the other core team members have commented on this fiasco.
I look
Quoting Mike Bird (mgb-dev...@yosemite.net):
[...]
> KatolaZ has admitted guilt. Evilham has suggested an offline
> "discussion" in a few days - a positive but inadequate response.
> None of the other core team members have commented on this fiasco.
> I look forward to hearing that they have
Quoting etech3 (ete...@e-tech-systems.com):
> My advice to you is like the Marines motto: Lead, follow or get the
> hell out of the way.
That might be the motto of _some_ group of marines, but FWIW actual
service mottos are:
o Royal Marines (UK): Per mare, per terram.[1]
o U.S. Marine
On Mon April 1 2019 15:22:02 Martin Steigerwald wrote:
> And give the other core members a moment to give you the reassurance you
> need.
They haven't issued a statement since this began 30 hours ago.
Maybe they haven't finished their forensic analysis but they should
at least say whether
Mike Bird - 02.04.19, 00:03:
> On Mon April 1 2019 14:39:28 Martin Steigerwald wrote:
> > In what way is that not good enough for you? What would be required
> > for you to forgive a mistake and go on with your life?
[…]
> What part of Evilham's statement that "it still looks as if gdo and
> the
On Mon April 1 2019 14:39:28 Martin Steigerwald wrote:
> In what way is that not good enough for you? What would be required for
> you to forgive a mistake and go on with your life?
Hi Martin,
What part of Evilham's statement that "it still looks as if gdo and
the build system were compromised"
Mike Bird writes:
On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
For me that is good enough.
When core team member Evilham writes "it still looks as
if gdo and the build system were compromised" [1] I need a
lot more than a limited admission of guilt from KatolaZ
before trusting
On Mon April 1 2019 14:41:43 KatolaZ wrote:
> You are spreading FUD, since in the email you quoted Evilham never
> said the infra was compromised.
Here is the complete sentence from Evilham's email [1]. If you didn't
see it you didn't scroll down to read the full email. Evilham quotes
his
Let it go, Mike. At one level, I postponed some updates until the
"issue" was resolved, so I got caught in the joke. At another level, it
was funny that I allowed myself get drawn in. So what?
The Devuan team is working their asses off, with no requirement for
compensation (have you donated?) to
On Mon, Apr 01, 2019 at 02:28:48PM -0700, Mike Bird wrote:
> On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
> > For me that is good enough.
>
> When core team member Evilham writes "it still looks as
> if gdo and the build system were compromised" [1] I need a
> lot more than a limited
Dear Mike.
Mike Bird - 01.04.19, 22:52:
> On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> > 1) please give any requests for removing one of the core members
> > from the project or using legal enforcement a rest. KatolaZ
> > apologized already several times. So please let it go.
>
> I
On Mon April 1 2019 14:18:38 Martin Steigerwald wrote:
> For me that is good enough.
When core team member Evilham writes "it still looks as
if gdo and the build system were compromised" [1] I need a
lot more than a limited admission of guilt from KatolaZ
before trusting that Evilham was mistaken
Rowland Penny via Dng - 01.04.19, 22:37:
> The stunt pulled here could have caused alarm and distress and should
> never have happened. I do not know if this was a one person stunt or
> not, but in my opinion, the guy who pulled it should offer a
> grovelling apology and promise to never do
On Mon April 1 2019 13:55:28 Antony Stone wrote:
> On Monday 01 April 2019 at 22:52:34, Mike Bird wrote:
> > None of the other core team members have commented on this fiasco.
> > I look forward to hearing that they have taken appropriate action.
>
> What, in your opinion, would be "appropriate"?
Martin Steigerwald - 01.04.19, 22:25:
> 1) please give any requests for removing one of the core members from
> the project or using legal enforcement a rest. KatolaZ apologized
> already several times. So please let it go.
>
> 2) KatolaZ, could you repost your clarifying statement in thread
>
On Monday 01 April 2019 at 22:52:34, Mike Bird wrote:
> None of the other core team members have commented on this fiasco.
> I look forward to hearing that they have taken appropriate action.
What, in your opinion, would be "appropriate"?
Antony.
--
#define SIX 1+5
#define NINE 8+1
int
On Mon April 1 2019 13:25:15 Martin Steigerwald wrote:
> 1) please give any requests for removing one of the core members from the
> project or using legal enforcement a rest. KatolaZ apologized already
> several times. So please let it go.
I have not threatened "legal enforcement" against
On Monday 01 April 2019 at 22:12:45, Mike Bird wrote:
> An email claiming it was all a joke does nothing to prove the system
> secure even if it happens to be true.
It doesn't prove it to be secure, no, but it confirms that it's no less secure
than it was before the joke was perpetrated.
> It
On Mon, 1 Apr 2019 20:18:01 +
Daniel Abrecht via Dng wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> It's now clear that this was a planned action and there was no danger.
> But when it happened, this wasn't obvious in any way. I assume the
> other staff members knew about
Hi.
1) please give any requests for removing one of the core members from the
project or using legal enforcement a rest. KatolaZ apologized already several
times. So please let it go.
2) KatolaZ, could you repost your clarifying statement in thread "devuan.org is
back" signed with your gpg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
It's now clear that this was a planned action and there was no danger.
But when it happened, this wasn't obvious in any way. I assume the
other staff members knew about it, was it discussed at the last meeting?
I really like April Fools, but this
On Mon April 1 2019 12:44:05 Antony Stone wrote:
> No, I have complied with my country's laws regarding personal data
> protection and taken "appropriate technical and organisational measures" to
> ensure the security of the systems.
You do not seem to understand security. Once there is the
Evilham via Dng writes:
Evilham via Dng writes:
(*): **to my knowledge** means that I am still trusting the
communications and the project, even if I decided keep in place
the
temporarily disconnect of my systems from devuan's infra.
FWIW if anyone cares, I checked what I could and
On Monday 01 April 2019 at 21:27:25, Mike Bird wrote:
> On Mon April 1 2019 12:18:53 Antony Stone wrote:
> > If this incident has made you distrust the Devuan project, you're
> > probably better off using a different distro.
>
> Are you a sysadmin?
Yes.
> Are you responsible for other people's
I have complete trust in the complete Devuan team. Having been around
since the start, I know and have emailed/irc most if not all since the
beginning.
The clues were there from the start. If this is the worst that ever
happens to you, consider yourself lucky. After forty years in
Mike Bird [01.04.2019 20:43]:
> Authorised access does not make wrongdoing lawful. The other Devuan
> admins urgently need to remove you, consult a lawyer or the police,
> replace all authorisation tokens and keys, and rebuild from trusted
> sources.
>
> Or they could let Devuan revert to a toy
On Mon April 1 2019 12:18:53 Antony Stone wrote:
> If this incident has made you distrust the Devuan project, you're probably
> better off using a different distro.
Are you a sysadmin? Are you responsible for other people's data?
Let's say you have the misfortune to have one of your servers
On Monday 01 April 2019 at 21:15:13, Mike Bird wrote:
> On Mon April 1 2019 11:51:46 Antony Stone wrote:
> > So, you did not believe one of the primary project contributors when he
> > admits to having created the hoax?
>
> He has proven himself unworthy of trust.
No, he's demonstrated that he
On Mon April 1 2019 11:51:46 Antony Stone wrote:
> So, you did not believe one of the primary project contributors when he
> admits to having created the hoax?
He has proven himself unworthy of trust.
The only question is whether the other four choose to fix the
problem in a sufficiently
On Monday 01 April 2019 at 20:39:27, Mike Bird wrote:
> On Mon April 1 2019 11:12:34 Antony Stone wrote:
> > On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> > Which part of the following did you not understand?
>
> The post was easy to understand.
>
> It may be true. Or maybe not.
On Mon April 1 2019 11:30:34 KatolaZ wrote:
> > I know nothing of Italian law but whether or not the incident
> > should be referred for criminal prosecution is a question you
> > should already be discussing with your lawyers or the police.
>
> Yeah, let's tell the Italian police that an
On Mon April 1 2019 11:12:34 Antony Stone wrote:
> On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> Which part of the following did you not understand?
The post was easy to understand.
It may be true. Or maybe not.
Sysadmins are entrusted with people's data - their
bank accounts and
On Mon, Apr 01, 2019 at 11:05:11AM -0700, Mike Bird wrote:
>
> There are two very real problems: (1) the untrustworthy person
> with access to Devuan's infrastructure and (2) Devuan's thus-far
> totally inadequate response to a serious security incident.
>
There was no "untrhustworthy person"
you can always fork devuan and make a distro without-sense-of-humor :P
signature.asc
Description: OpenPGP digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
On Monday 01 April 2019 at 20:05:11, Mike Bird wrote:
> This attack...
It was not an attack.
> Any security lapse is serious.
It was not a security lapse.
> Claiming the incident was not serious does not make it less so,
However, admitting that it was a (possibly misguided) April Fool's
On Mon April 1 2019 06:29:10 Evilham via Dng wrote:
> Further clarifying things: **to my knowledge**(*) nothing has been
> compromised, but it is indeed a very elaborated prank.
Redirecting a web site is a juvenile and trivial edit that anybody
with access can do in seconds.
But if that was all,
Evilham via Dng writes:
(*): **to my knowledge** means that I am still trusting the
communications and the project, even if I decided keep in place
the
temporarily disconnect of my systems from devuan's infra.
FWIW if anyone cares, I checked what I could and things under my
control
are
55 matches
Mail list logo
