Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Fedora-Red Hat Crisis

Posted by Soulskill on from the evidently-it-doesn't-start-at-the-top dept.

jammag writes "When Linux journalist Bruce Byfield tried to dig for details about the security breach in Fedora's servers, a Red Hat publicist told him the official statement — written in non-informative corporate-speak — was all he would get. In the wake of Red Hat's tight-lipped handling of the breach, even Fedora's board was unhappy, as Byfield details. He concludes: 'If Red Hat, one of the epitomes of a successful FOSS-based business, can ignore FOSS when to do so is corporately convenient, then what chance do we have that other companies — especially publicly-traded ones — will act any better?'"

5 of 263 comments (clear)

  1. Consider Red Hat's response vs. Debian's by Bruce+Perens · · Score: 5, Insightful
    I liked the way that Debian handled its server breach, and the more recent SSL bug. They realized that their first responsibility was to the users. They knew that not just Debian but all Debian derivatives like Ubuntu would be effected, and that the best way to handle it was to publish the full details and what they were doing to fix them. They came out of both situations looking better than Red Hat has this time. And it's not what Fedora looks like. Red Hat obviously took control, shutting off outside reporting in a way that never would have flown with a real Open Source project rather than a company dominating an Open Source project, and thus Red Hat got the loss of credibility.

    The problem with a lot of corporate Open Source is that they ignore the ethical foundation of Open Source. And eventually we find out that Open Source isn't quite as good without the ethics.

    Bruce

    --
    Bruce Perens.
    1. Re:Consider Red Hat's response vs. Debian's by segedunum · · Score: 5, Insightful

      I liked the way that Debian handled its server breach, and the more recent SSL bug.

      Unfortunately, that uncovered something perhaps more serious at the heart of Debian. Stop hacking on stuff downstream that you don't have any real idea about and that will only affect you if it blows up. The SSL thing has been a disaster waiting to happen, and it will probably happen again.

  2. Re:welcome to the world by robo_mojo · · Score: 5, Insightful

    "Frankly" when business is more important than the customer, often the business isn't worth a damn.

  3. Does this justify the word "crisis?" by bogaboga · · Score: 5, Insightful

    Does this justify the word "crisis?" I doubt it does. In my opinion "conundrum" would be a better word.

    At first read, the heading made me think that Red Hat and Fedora communities were bickering big time, threatening timely releases of software we have [all] come to rely on. Of course this is not the case.

    So why the sensational heading?

  4. Re:gotta say, this is BAD by Bruce+Perens · · Score: 5, Insightful

    surprise surprise, our 850 RHEL4/5 installs had none

    You're very trusting with all that money. Someone else in the same situation might truthfully report: my vendor is keeping me the dark, I don't know the nature and degree of my own exposure.

    This would make me nervous.

    --
    Bruce Perens.