If you're serious about keeping up to date with bugs yielding
security holes, you need to spend a bit more time getting to know people,
and gaining the trust of others in similar situations.
It's unreasonable to start shouting 'Help! I need answers NOW, and
you ought to start trusting me NOW, here are my credentials!' (nothing
personal, Perry, I do empathise with your situation.)
The astute system administrator will allocate some small portion
of time and resources to establishing and maintaining bona fides with
others. If enough do, then bug reports can circulate through a network
of, if you will, trusted point-to-point links.
I'm not adminning anything these days, but I do make certain to pass
along information to those I trust, if it turns up under my nose. Presumably,
others do the same.
In short, what Perry and those like him need to do, is spend some
time at Usenixen and the like, getting to know people and becoming known
as who they are. I can understand that this would be seen as a waste of
time, when there are more important things to do -- but this is a false
economy. Creating and maintaining personal, trusted, contacts at other sites
is, as we have seen recently, an important part of the job.
Andrew
Follow-Ups:
|
|
