OpenSSL Fiasco

May 15, 2008

Hey folks,

Here’s my unofficial take on the OpenSSL/Debian mess:

If you do not understand the implications of which kind of keys are threatened then create new keys on a known-patched system(Any and All Fedora/RHEL/CentOS systems are known safe) and replace all of your old ones.

Good.

Update: Just in case someone is misunderstanding what I’m saying here. I’m not bad mouthing debian, I’m not saying that fedora is invulnerable to bugs. I am saying that if you’re worried about whether or not the system you’re running can safely generate a new ssh key you should know that to the best knowledge at this time Fedora/Centos/RHEL are known to be safe for generating new keys with sufficient randomness.

That is all.

fedora 9 for me so far

May 15, 2008

Here’s what I’ve seen that’s irked me in f9 thus far:

1. bug in yum which is now fixed upstream keeping yum from doing the right thing about conditionally installed pkgs in groups already being installed (silly). It’ll be in an update in testing tomorrow.

2. PK ignoring my preferences and annoying me about updates that I don’t care about.

3. _something_ makes firefox and liferea stall out for a long time. This may not be a bug – it may actually be my hard drive trying to die on me.

Things I’m quite happy with:

1. usb persistence may actually save my butt

2. pybackpack works still. (If you think this is not a big deal please see #3 in the above list)

3. We’re seeing some pretty phenomenal numbers of downloads and a lot of overall excitement about this release.

That’s what I have, thus far.

good rule

May 15, 2008

If you fail to make even the slightest effort to save gas, you are not allowed to complain about gas prices, no matter how high they get.

From here.