1 |
On Thu, 2004-03-18 at 09:28, Joshua Brindle wrote: |
2 |
> This wasn't anything that we didn't already know about, we already know |
3 |
> we don't have access to vulnerability reports before the 'mass public', |
4 |
> we already know we are undermanned, we already know our process is in a |
5 |
> transition state. What *you* need to know is that we are doing what we |
6 |
> can with the resources we have, and trying every day to get more |
7 |
> resources. If you don't like it you can help us, we *are* a community |
8 |
> distribution, not a commercial distribution that can pay for a full time |
9 |
> security team, nor are we a distribution with the amount of 'clout' it |
10 |
> takes to get early advirsories. |
11 |
> |
12 |
> My suggestion to you is one of the following |
13 |
> 1) help make the team better by participating |
14 |
> 2) paying for a full time security team |
15 |
> 3) deal with it. |
16 |
|
17 |
This is either a great idea, or a total bomb... I can't quite tell, so I |
18 |
thought I might as well mention it... |
19 |
|
20 |
What about creating a 'Support the Developers' page? I think paypal |
21 |
donations to gentoo would be rather difficult to implement (who would |
22 |
get the money?), but it would be a nice place to list requests for |
23 |
(reasonable) hardware donations as well as employment availability. We |
24 |
would list the availability and region of -core developers, and |
25 |
businesses needing their services could contract out support (or even |
26 |
full-time staffing) from the developer. |
27 |
|
28 |
--Jeremy |