Of course they show up in curl .. they go into cache after some spider/crawler looks for the link .. then they so up on the site. This is documented on the gitbilt bugs site.

And I CERTAINLY know how things work ... and I am not afraid to post with my REAL ID there anonymous coward.

Irrational and hateful ... WTF.

btrfs is a technology preview in RHEL7 and CentOS7 ... you can use it if you want.

Is SUSE also irrational and hateful for using XFS in SLES server?

Yes, but in older versions of CentOS, the system software was compiled using older versions and the 1.7.0 was avilable.

In this version, the system RPMs are compiled against 1.7.0 and 1.6.0 is available for compatibility.

Dude, you must have taken your tin foil hat off .. I could see you for a second.

All those /// are coming from screwed up mirror/spider software (you probably wrote it) that is does not properly pay attention to robos.txt and does not properly query the tree. We didn't see it in testing becuase we queried the tree correctly. We are working with gitblit (the open source software git.centos.org is hosted with), to get this bug fixed and we will be rolling it in soon now that we have CentOS-7 released:

http://code.google.com/p/gitbl...

If you do a dig for the ipaddress and look at the location, git.centos.org is not hosted in a Red Hat datacenter.

You also must not have seen the more than 500 mirrors wrldwide that host CentOS content:
http://www.centos.org/download...

So, other than every single point of your post being wrong, it was a very well and thought out piece of writing.

That is only partially true .. RHEL 7 does not have an i386 version. However, CentOS does plan to have one as a secondary arch ... IF ... we can get it to build: http://lists.centos.org/piperm...

The graph by Oracle is 7 months old ... because CentOS now has 2 full time developers and routinely beats Oracle to delivering kernels. Here is the graph and chart for 2012 EL6 Kernel updates. You can see that CentOS is delivering kernels 48% faster than Oracle in 2012 (25 days delayed for CentOS compared to 37 for Oracle). All but one of the eight 2012 Kernel updates have been delivered faster by CentOS. http://bit.ly/NEdAB8

You would have to ask the people who did it. I suppose that they might think that people who pay for RHEL are more security savy that those who take the free route. I am a centos developer, so I do not appreciate the suggestion that the CentOS team did something. There is no issue that makes centos more or less secure than RHEL in this instance. They likely chose CentOS because it is more prevalent than any other distro in the world and they had a scanner to find it. The initial entry is almost certainly a brute force ssh root password break in. They also likely developed their "malicious code" using the CentOS distro (it is free and the most widely used distro ... what would you pick to develop your code on?), so they likely know it works for sure on CentOS. Why take a chance it does not work on RHEL if they developed it on CentOS?

One of the issues in bding the most widely used distro and free is that bad guys use your stuff to build bad things.

Because CentOS is used more than any other linux server on the Internet maybe:

w3techs web usage

It is set up that way because that is how RHEL is setup.

You control the iptables on your machine, not the ISP. These guys are not hacking commodity shared servers they are hacking individual/coloacted servers. You would use IPTABLES and limit the access to at least known networks. Why have your ssh port open to China and Russia if it is located in the UK and never accessed from those locations (for example). Even if you don't have a single IP, you are on a specific network and you can allow only access from the "4" class B networks (as an example), etc. Also, you should always disable password logins and use keys to access your servers via ssh. Certainly you should disable direct "root" logins.

This is totally incorrect. There are MANY different licenses in RHEL. In fact, there are 240 individual licenses in RHEL-6.1 ... including: AFL, Artistic, BSD, CC-BY, GPLv2, GPLv3, CPL, EPL, IBM, IPA, ISC, LGPL, MIT, W3C, and many others ... including just Copyright Red Hat and NON-Distributable.

Red Hat did not write MySQL, the Apache Web Server, Gnome, KDE, OpenOffice, etc. They are USING / REBUILDING upstream code to create their distribution too. Granted, Red Hat pays people to help write some of that code ... however, they (and SuSE, and Debian, and every other Linux distro) is using other people's code, they are building that code and redistributing it just like CentOS does.

you CAN NOT install RHEL on machines that you do not have support for. You wave that right when you have any RHEL licenses. So, they can install RHEL if they have a valid license and they can not if they don't. CentOS is installed on an estimated 2 million machines world wide because of this. This issue is in RHEL and reproduced in CentOS, so it would not matter which one was installed.