non-disclosure of infrastructure problem a management issue?
Bj ø rn Tore Sund
bjorn.sund at it.uib.no
Sun Aug 24 13:20:54 UTC 2008
Björn Persson asked:
> Bjørn Tore Sund wrote:
>> One thing this
>> incident has taught us is to take regular backups of that mirror so that we
>> can roll back to a non-suspect version of the Fedora updates. Didn't have
>> that before, really missed it the last couple of weeks.
>
> How far would you have rolled it back? During the whole time that the Fedora
> repositories were suspect there was no information whatsoever on how old
> packages would have to be to be non-suspect. And while the infrastructure
> team either knew or suspected the whole time that the issue they were
> investigating was an intrusion, it probably did take some time before they
> knew how long the intrusion had been going on.
Sometimes you have all necessary information and can reach a well-founded
conclusion. Sometimes you have to guess and hope for the best. When I have
to guess because others are keeping information I need from me I'll postpone
the guessing while I attempt to persuade said other of the error of their
ways. But I'll still make that guess when all else fails.
-BT
--
Bjørn Tore Sund Phone: 555-84894 Email: bjorn.sund at it.uib.no
IT department VIP: 81724 Support: http://bs.uib.no
Univ. of Bergen
When in fear and when in doubt, run in circles, scream and shout.
More information about the users
mailing list