[ubuntu-marketing] Recent poor publicity - response?

Richard A. Johnson nixternal at ubuntu.com
Fri Aug 17 17:49:57 BST 2007 

On Friday 17 August 2007, Chanchao wrote:
| I read the Slashdot discussion.  If I recall correctly, one thing that
| was seen as particularly lame, possibly more so than the actual breach,
| was Canonical's first response, which *by some* was *perceived* as:
|
| "Wasn't our server, was a community server, it was run by monkies that
| were out on too many special mushrooms."

It really wasn't Canonical's fault and it was the community members who didn't 
update their site framework like they should. I kept our portion updated all 
of the time, and I am a monkey. But I will be darned that I didn't have any 
special mushrooms :)

| I.e. a knee-jerk rejection and generally not willing to look at it
| seriously. I.e. a "we're infallable, it must be their fault" kind of
| response that really never works for any company anywhere.
|
| I think a detailed, positive, up-beat account of "what went wrong and
| how it could have been prevented" would be excellent.  Of course it
| wouldn't get nearly as much interest as the original story, but it'd be
| the right thing to do and not just for marketing reasons.

I have to say, for marketing reasons they were pretty much spot on. They 
removed the fault of Ubuntu which was the right thing to do and let it be 
known that Ubuntu's services themselves were not at fault, but the various 
web frameworks that were outdated. Some were still using Drupal 4.x which is 
known to have a few vulnerabilities.

| I think the whole topic here of 'marketing-response' is wrong. It was a
| technology / administration issue, so let it have a technology /
| administration response.  Not tense blurb from a company that just
| sounds like they collectively shat their pants.

You are correct about it being a technology/admin issue, but it still wasn't 
the fault of Canonical/Ubuntu. They did what any company would do to clear 
their name of such incident. I will agree that the admins should have kept 
everyone informed and told people to update. If they didn't update within a 
certain amount of time, temporarily take their site offline. I would give the 
problem a ration of 90% community fault and 10% administration fault. I might 
actually raise the administration fault a tad since there were never any 
clauses handed down, at least none that I remember when we go an account on 
one of the servers last year.

-- 
Richard A. Johnson
nixternal at ubuntu.com
GPG Key: 0x2E2C0124
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ubuntu.com/archives/sounder/attachments/20070817/ded71c80/attachment.pgp

More information about the sounder mailing list