Comment 18 for bug 1701068

Timothy R. Chavez (timrchavez) wrote :


Not sure about the Twitter storm you're referring too. The http request being sent to is embedding information like system uptime in the user-agent header. That appears to be used to determine which information to send back in the http response. What's not clear, is if it's being collected or not. Also, while unattended-upgrades for -security may be a default, it may also be disabled, so I don't think you can assume that. That said, I do think it's a good point that if you're automatically receiving security upgrades, how much the motd news that covers such things actually matters. Is your recommendation to disable motd-news by default and make it opt-in?