Slashdot Mirror


Debian Struggling With Security

Masq666 wrote to mention a ZDNet article discussing difficulties Debian is having with security updates. From the article: "...Lack of manpower also appears to be adding to Debian's security woes. Michael Stone, another member of Debian's security team, expressed his frustration to the organisation's security e-mail mailing list in mid-June, saying there was no effective tracking of security problems."

3 of 264 comments

  1. Pick any two by mcrbids · Score: 5, Insightful

    Secure, Convenient, Cheap.

    Pick any two.

    (General rule, but it does generally follow)

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  2. Re:How the mighty have fallen... by tacocat · Score: 5, Insightful

    It would be a hell of a lot easier if they only supported X86 architecture like all those other Distros you refer to as the ones to lag behind.

    I think what they really suffer from, and I am no expert, is politics of a large system and the perception of lots of power sitting on top. I could be wrong.

    Regardless of what anyone might want to say against Debian, I still believe that they are extremely good at what they do and don't get credit for it. There is no other distro out there that attempts to support as many architectures as effectively (or at all) and if Debian decided to just delete them all except X86/X86-64 then their job would be a hell of a lot easier to execute.

  3. Re:Now If This Was Microsoft... by Ernesto+Alvarez · Score: 5, Insightful

    You've got to admit there is a fundamental difference that would also cause that change of attitudes.

    Debian security guys tend to have an attitude of trying to do things right. You're talking about the same people that chose to stop everything when they were compromised last year (and that was two days before a woody revision release). It's no surprise that people think of them as a good team without the necessary resources that need help. After all, they appear to do what they can with whatever resources they've got.

    Microsoft, however, is known for turning a blind eye to big problems, trusting no one will find out and trying to NDA the hell out of everyone. Considering people pay big $$$ to them, and they do play dumb more often than they should, guess what the attitude toward them would be.

    MS has been doing things a little better lately, but years of treating security like they did in the '90s aren't forgotten that easily.

    I like Debian, and really hope they can solve their staff shortage. I wouldn't like them to go under because of this.