Huge Hole in Open Source Software...

Discussion in 'Technical' started by slots, May 25, 2008.


  1. slots

    slots Monkey+++

    Can't say I'm really surprised...

    More:
    Code:
    http://www.dailytech.com/article.aspx?newsid=11869

     
  2. NVBeav

    NVBeav Monkey+++

    Great article. Better get your new keys generated -- if you can!

    I used to love playing with linux back in the 90's while it was still a hobbyist OS. When the open source evangelists started espousing "open source has many eyes to keep the code safe and secure", I often thought how little I could contribute. Evidently, I wasn't the only one.

    Personally I like Vista much better than XP -- for the same reason I liked XP more than 2000. If I need more modern hardware to run Vista, that's expected (my 80386 is so far gone that I don't remember who I gave it to). We go though this every time a new OS is released -- sometimes I skip one, but I'm not skipping Vista because it'll be needed to take advantage of Server 2008.
     
  3. Wild Trapper

    Wild Trapper Pirate Biker

    A comment from that same article:

    I read this article 3 times and could not see anywhere it would affect the average home user's computer, unless they somehow went through a server running a Linux based OS. This might have left a user vulnerable right along with all other user's running windows or mac systems.

    Sorry, I just don't buy it....[cow] I do believe that MS is being hurt by people opting out of their over priced bloated operating systems.
     
  4. NVBeav

    NVBeav Monkey+++

    The OSS community is reeling from this -- they "buy" it -- but they'll fix the problem. More importantly, they'll figure out a way to prevent it from happening again - there are some smart people managing OSS projects.

    This really implicates software as a whole and it's trust factor...
     
  5. Wild Trapper

    Wild Trapper Pirate Biker

    Well, you might be right. It is my understanding the patch is already available. Still, from the article, I can't see how it affects the normal home computer not using encryption other than a password to log into the root. I don't use either Ubuntu or Debian operating systems, but I do have OpenSSL on my system, recently updated. Even then, this is an encryption program, as far as I can tell, one I'm unaware of ever using on my computer. Maybe someone can explain to me how it would effect me.

    However, on the windows side of my laptop I have to constantly watch my system or it's trying to do things I didn't ask it to do and sometimes even trying to charge me for it. Even with Norton virus software I still had things get through and would sometimes have trouble getting it fixed. After having to completely reload windows twice in just over a year of ownership on this laptop, I had to find something a little less stressful. Enter PCLinuxOS. There are some programs in windows I'm forced to use as open source does not support some applications.... yet.
     
survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7