Re: Secrecy and user trust

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quoting Bill Davidsen <davidsen@xxxxxxx>:

As noted, the detail I would have liked was to know if this was a
failure of system security or a failure of misplaced trust. If there is
a hole in their server system security it's likely to be in ours as
well.

And if someone could say with certainty that packages downloaded before
{date} were safe, it would be more reassuring than "there is little
risk to Fedora users who wish to install or upgrade signed Fedora
packages." If the start date of the problem is known, that would be
really good information for people who keep a local repository and
don't have to upgrade every new install totally over the network.

Well, I know someone on this list said I should feel safe in upgrading my F6 box to F9. I don't know if that answers your questions or not. That being said, I think I'll wait until F10 or until fresh ISO images come out. Despite the fact that my only installation is a single, personal box, I don't want to risk getting hacked because someone *may* have gotten some bogus packages into the system and/or compromised the signing key for Fedora.

Unless/until someone from Fedora says "It is safe to install Fedora 9 from the original ISO images distributed when F9 was released" I am not going to trust that they are safe.

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux