I never doubted that André would have a calm, collected, and reasonable account of what happened. Ruby Central has eroded community trust and we should not let it erode our trust in each other.
The RubyGems “security incident”
Ruby Central posted an extremely concerning “Incident Response Timeline” today, in which they make a number of exaggerated or purely misleading claims. Here’s my effort to set the record straight. First, and most importantly: I was a primary operator of RubyGems.org, securely and successfully, for over ten years. Ruby Central does not accuse me of any harms or damages in their post, in fact stating “we have no evidence to indicate that any RubyGems.org data was copied or retained by unauthorized parties, including Mr. Arko.”
Did you like this post, repost it, or respond to it? Let me know by sending a webmention!