With news breaking about the compromised systems for kernel.org, linux.com, which are sites are “down for maintenance”. Completely – and it’s been this way for many days now. (Kernel.org since the 28th)
I think it’s safe to say the range and scope of the issues are pretty disappointing – the longer these systems stay down the more obvious it is that the damages are probably higher than perceived before; I’m having a hard time saying the administrators of these groups are just this slow at being cautious. (Especially the ‘forward facing ‘ hosts)
(Segway to Git)
It’s interesting to note that a LOT of bullets with the security breach are dodged with the parity cryptography used by Git. Pretty cool! (Linus seems to be flirting with the idea of using Github for latest kernel developement.)
After keeping an eye on the “choosing a DVCS” discussions for PHP, a lot of people are in favor of leveraging Git purely because of Github – whereas Mercurial, something we use at M State has been around for a bit less – has a stronger, more mature toolset (Albeit, a bumpy ride for sure!); and, from my standpoint – better cross platform implementation. The speed differences are somewhat minimal.
The allure of Github is the social endeavour; this has fueled a much more active community (compared to Bitbucket, less ‘social-ly’). It looks like Git has finished clobbering competitors like Bazaar and Perforce and finally, I’m willing to throw in the towel for my support of Mercurial and say there’s little room for traction for Hg.
The programming world is a lot of work to follow =\
(Also: It’s September 11th – take a moment to reflect – cast some sympathy and reverence for the lives lost! )
linux.com has been updated and now states that they will be “restoring service shortly” – different from the original FAQ page they had up about the breach.
I’d expect kernel.org to follow.
After over half a month (almost a month for kernel.org) of being down with poorly communicated “maintenance” pages. I hope there’s a fallout for the culprits – and I hope the maintainers of those domains take a more serious approach to how they handle this situation next time…