[GRLUG] FW: $849 - New IBM Thinkpad T61 Core 2 Duo Laptop 2.0GHz with DVD-R, WWAN, WiFi and Widescreen

Collin adderd at kkmfg.com
Wed May 14 11:57:45 EDT 2008


  

>> I just heard about how Debian's propensity to modify every package has 
>> come back to bite them (with OpenSSL I believe.) Is it really safe to 
>> trust them any longer?
>>     
>
> I just heard about Microsoft's criminal convictions in 15+ International
> Countries.
>
> Is it really safe to trust them any longer?
>   
Who ever did? I wouldn't be using windows right now if I could help it. 
But, unfortunately a lot of business software tends to be windows only.

>
> BTW, *EVERY* distribution modifies packages locally.
>   
To some extent but how many modify so many packages so often? Also, the 
openssl vulnerability is pretty major and has been there for over a 
year. That's a pretty serious problem.  It's especially serious given 
these two facts: 1. There seems to have been no good reason to be 
touching that code 2: Now that they did any private keys generated on a 
Debian derivative in the past year are now as good as compromised and 
have to be replaced.

> BTW, Collin stop being a mule's butt.
>   
I still stand by my views on top posting and I still think that my 
current question is valid. The replies I've gotten tend to suggest that 
while Debian really screwed up badly with the openssl ordeal, that they 
still do much more good than harm. This is comforting to know.
 
The question: Is X linux distributor trustworthy if their maintainers 
remove security features from a really important package?

Is that really that bad of a question or are you just that grumpy?


More information about the grlug mailing list