The Apache Foundation has received a lot of praise from the security community for its uncensored disclosure of a recent breach. (In case you missed the story, you can read Apache’s write-up of the incident here.) This goes back to the security community lobbying for full breach disclosure, especially by the private sector, where we’re seeing it the least. It’s the prisoner’s dilemma, and so far we’re all getting screwed.
That being said, Philip M. Gollucci from the Apache Infrastructure team did an excellent interview on the Eurotrash Podcast. You can download the mp3 here.
http://blogs.apache.org/infra/entry/apache_org_04_09_2010