Huge Hole in Open Source Software...

Discussion in 'Technical' started by slots, May 25, 2008.

  1. slots

    slots Monkey+++

    Can't say I'm really surprised...

  2. NVBeav

    NVBeav Monkey+++

    Great article. Better get your new keys generated -- if you can!

    I used to love playing with linux back in the 90's while it was still a hobbyist OS. When the open source evangelists started espousing "open source has many eyes to keep the code safe and secure", I often thought how little I could contribute. Evidently, I wasn't the only one.

    Personally I like Vista much better than XP -- for the same reason I liked XP more than 2000. If I need more modern hardware to run Vista, that's expected (my 80386 is so far gone that I don't remember who I gave it to). We go though this every time a new OS is released -- sometimes I skip one, but I'm not skipping Vista because it'll be needed to take advantage of Server 2008.
  3. Wild Trapper

    Wild Trapper Pirate Biker

    A comment from that same article:

    I read this article 3 times and could not see anywhere it would affect the average home user's computer, unless they somehow went through a server running a Linux based OS. This might have left a user vulnerable right along with all other user's running windows or mac systems.

    Sorry, I just don't buy it....[cow] I do believe that MS is being hurt by people opting out of their over priced bloated operating systems.
  4. NVBeav

    NVBeav Monkey+++

    The OSS community is reeling from this -- they "buy" it -- but they'll fix the problem. More importantly, they'll figure out a way to prevent it from happening again - there are some smart people managing OSS projects.

    This really implicates software as a whole and it's trust factor...
  5. Wild Trapper

    Wild Trapper Pirate Biker

    Well, you might be right. It is my understanding the patch is already available. Still, from the article, I can't see how it affects the normal home computer not using encryption other than a password to log into the root. I don't use either Ubuntu or Debian operating systems, but I do have OpenSSL on my system, recently updated. Even then, this is an encryption program, as far as I can tell, one I'm unaware of ever using on my computer. Maybe someone can explain to me how it would effect me.

    However, on the windows side of my laptop I have to constantly watch my system or it's trying to do things I didn't ask it to do and sometimes even trying to charge me for it. Even with Norton virus software I still had things get through and would sometimes have trouble getting it fixed. After having to completely reload windows twice in just over a year of ownership on this laptop, I had to find something a little less stressful. Enter PCLinuxOS. There are some programs in windows I'm forced to use as open source does not support some applications.... yet.
survivalmonkey SSL seal warrant canary