The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Changing the way we deal with source archives



From: Philippe Troin <phil@fifi.org>
> The purpose of deletion of to make the source smaller.

I understand. I'm not sure we should be doing that.

> Ad for traceability, why not allowing developpers which make such changes
> to stamp the source as the original developper would do ? (assuming it does,
> which I doubt (maybe a little pessimistic on this)).
> The trace of the source would be from the developper to maintainer to user...
> Is this stupid ?

Not stupid. Maybe sloppy.

> I don't really understand all this recent paranoia, and what's behind what
> you call traceability...

Well, the theory is that anyone who wants to can slip a trojan horse into
the system. We can't review all of the code, so we at least want to be
able to verify that we got the package unmodified from its author, and we
want it to be really easy to see how Debian changed the package.

And when did the paranoia start? For many people it started when a virus
popped up on Linux. A virus called "Bliss", as in "Ignorance is Bliss".
However, for me it started a lot earlier. I've been talking about how to
fight trojans for a long time.

	Thanks

	Bruce
--
Bruce Perens K6BP   Bruce@Pixar.com   510-215-3502
Finger bruce@master.Debian.org for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6  1F 89 6A 76 95 24 87 B3