Date: Sat, 20 Oct 2001 01:50:07 -0700 From: Jordan Hubbard <jkh@freebsd.org> To: kris@obsecurity.org Cc: cvs-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: www/en index.xsl Message-ID: <20011020015007G.jkh@freebsd.org> In-Reply-To: <20011020011816.A70167@xor.obsecurity.org> References: <200110200439.f9K4dqF53354@freefall.freebsd.org> <20011020011816.A70167@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Well, I wouldn't say that there was "harm" in continuing to display it since harm's a strong word, but I certainly agreed with Murray that plastering it right across the home page was a little extreme for more than a few weeks. To put it mildly, it was pretty ugly. If you want to educate the johnny-come-latelys from the top page, my suggestion would be to have a permanent (and somewhat more innocuous) security link which points to a page which contains everything that's been discovered over the past year or so WRT security issues. - Jordan > On Fri, Oct 19, 2001 at 09:39:51PM -0700, Jordan K. Hubbard wrote: > > jkh 2001/10/19 21:39:51 PDT > > > > Modified files: > > en index.xsl > > Log: > > Stop screaming about the telnet exploit. It's been long enough. > > > > Noticed by: murray > > Actually I had wanted to leave it there a bit longer. There's no harm > in continuing to advertise it: historically, it seems to take around 6 > months for most people to upgrade their systems to fix vulnerabilities > (e.g. the last bind root exploit took >6 months for the complaint > emails about named dying to tail off). This suggests that there are > likely to still be a lot of people out there who haven't heard about > the problem yet. > > Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011020015007G.jkh>