The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new maintainers



> Bruce Perens wrote:
> > 
> > There are a good many people who aren't going to take the need for
> > screening seriously until something happens, and then we will look very
> > bad and people will have their systems damaged and they will never trust us
> > again. I'm trying to avoid that, but I doubt I'll be able to. We need to
> 
> I don't understand.  Why can't we simply disallow maintainers from
> uploading files to released releases or frozen? Isn't unstable supposed
> to be unstable?

Yes!

Let's do that "testing" thing.  If someone slips in a trojan horse, it'll nuke
the tester's machines.  Of course, if someone volunteers to be a tester, 
they'll make it a point to keep backups.  No harm done.

If somebody tries to slip something more insiduous through, we've got a
problem.  I don't view this as being an extremely likely scenario --
we're not a target like Microsoft is -- but it is possible.  But if we
demand that packages be signed (and we check the signatures), we can
trace the damage back to the source -- and proceed with criminal charges.

I don't see any reason to go into extremely intrusive background checks
(ie. credit ratings) -- but we should ensure that people are who they say
they are.  I think that's all we really have to do, as long as we do
testing.

Let's be the "OPEN" free software distribution.  That's why I'm here.

Cheers,

 - Jim


Attachment: pgpSt7dhNtid5.pgp
Description: PGP signature