| ▲ | zdragnar 21 hours ago |
| Surely for something so important, they'd verify it rather than let it sit around for the public to point out. At a minimum this is definitely a process failure due to incompetence. |
|
| ▲ | likeabatterycar 21 hours ago | parent [-] |
| Maybe it was file system corruption, who knows? "Dell is posting unsigned update executables" is a loaded statement that implies this was intentional. Dell has been signing updates since before most infosec engineers were in middle school ogling cheerleaders. It's alarmist and highly unlikely this was intentional. |
| |
| ▲ | dumpsterdiver 21 hours ago | parent | next [-] | | That still wouldn’t excuse that someone clearly didn’t verify their work. No matter what the reason, ownership of this task was released before it should have been. | | |
| ▲ | likeabatterycar 21 hours ago | parent [-] | | You have no evidence of that not happening. It could be corruption after the fact or failure during replication. The armchair wolves already smell blood and are assigning blame before a postmortem has even begun. | | |
| ▲ | muppetman 21 hours ago | parent [-] | | You're right.
A headline of "Dell's website is serving up unsigned updates" would be correct. But to garner more clicks and hype that's not how they've worded their tweet, instead it's worded to make it sound like Dell are doing this on purpose. | | |
| ▲ | preciousoo 20 hours ago | parent [-] | | The original “tweet” didn’t attempt to infer reason or assign blame though. All it did is state two facts, according to their system |
|
|
| |
| ▲ | ddtaylor 21 hours ago | parent | prev [-] | | Dell is a large player in storage integrity for servers for exactly this purpose. |
|
