Jump to content

MS propaganda machine churns out another


scoopy
 Share

Recommended Posts

Seems like windows fans are having a field day with this. Too bad they really didn't read the article and realize the damage that could be done if they gave someone a user account on their windows box --- but then that would not be news either --- it would just be accepted by those that pay the MS tax.

 

Serious Linux Security Flaw Found

( from PCworld )

 

PS: It only affects Debian users... NOT Mandrake.

Link to comment
Share on other sites

Actually the bug exists in all version of the Linux Kernel prior to 2.4.23, unless patched by their respective distributions. According to the bottom of the article, Mandrake has in fact put out a fix.

 

I don't see it as any sort of a FUD machine, looks like a honest and unbiased report to me. Besides, it's from Yahoo, one of MSN's competitors...

Link to comment
Share on other sites

Yeah, that's been really annoying, there have been no changes in apt for nearly 2 weeks now. Ironically, we cant apt-get the update.

 

The details are available

 

http://www.wiggy.net/debian/status/

http://lists.debian.org/debian-devel-annou...1/msg00012.html

 

The real irritation for me has been people.debian.org has been down because it is on the machine 'gluck'. p.d.o has a lot of the cool stuff on it!!

 

iphitus

Link to comment
Share on other sites

:oops: Bad use of words there... This hit Debian, and thus Debian is in the Spotlight this time. Good to see a patch has already been issued by Debian, Red Hat, and Mandy, before we even knew of the problem (well some of us ;) )

 

My thoughts of the FUD machine stem from the source of the article being from PCWorld, which I always thought was biased towards MS and the "Serious" they added to the headline. I would think if you gave anyone access to your machine and screws it up --- this would be sabatoge and not a security flaw.

 

Even Linus Torvalds was quoted, saying this was only a "bug"

It's a local-only compromise that you can't trigger from the outside," he said. "To most people, it would thus become serious only after you had some account hacked into--the bug then allows elevation of privileges."

 

I still feel much safer with my older kernel, than if I was running MS. :D

Link to comment
Share on other sites

any bug local or not that allows user unlimited access is pretty serious.

 

pc world though mostly reporting on ms stuff does report, in an unbiased manner, on other pc oses and and such.

 

this article is pretty straightforward reprting what the problem was and what kernel it affected.

 

i am certainly glad that there are some developers out there that are not complacent about linux security. most *nix users like spreading their own fud that *nixes are "so much more secure" than other oses. (in fact thay are pretty secure but humans program the kernels and humans make mistakes)

Link to comment
Share on other sites

i am certainly glad that there are some developers out there that are not complacent about linux security. most *nix users like spreading their own fud that *nixes are "so much more secure" than other oses. (in fact thay are pretty secure but humans program the kernels and humans make mistakes)

Well said! *nixes zealots should not use FUD. The "Linux über alles!" fanatics generate more trouble than the other side.

 

Linux has flaws. And the best way to fight FUD is to tell the world about those flaws (no dirty secrets), how many (not so much), how fast there are fixed by really competent guys (very responsive community), and how quickly and easily everybody can then update their systems (no monthly giant service packs).

Link to comment
Share on other sites

any bug local or not that allows user unlimited access is pretty serious.

 

Yeah, but a local exploit ranks under all remote exploits, I have actually never seen any article pointing out this or that windows local exploit, since there it is a 'feature'...

 

A remote exploit is very bad, a local one is really not so bad. If I'm a local user, and I can actually get to the machine physically, no *nix or win machine is safe...

 

To be precise, the amount of press this exploit has been given is really quite disproportional compared to what press MSWin gets if a local exploit is found.

 

 

That said, a system's security has quite a strong relationship, in terms of the system itself and security as a whole, with the understanding and effort of the person maintaining it.

 

No *nix or win is really secure if the correct things have not been done with it to make it secure.

 

The truth is that as long as linux is more used by computer savvy, the linux crowd's machines on the web are going to be better maintained.

I'm sure once linux has 20%+ marketshare, we will see linux emailviruses etc...

(Really cool!! save the attachment and just do sh evilattachment.sh, it's good fun!! BTW sorry, you have to do that as root, else the really fun part won't be as much fun!! Enjoy!!!!!)

:P

Link to comment
Share on other sites

>how fast there are fixed by really competent guys (very responsive community)

 

The bug was actually spotted by Andrew Morton well before the Debian crew were hit, but it was slightly too late to make it into the kernel release - thats incredibly quick patching :lol:

Link to comment
Share on other sites

I'm sure once linux has 20%+ marketshare, we will see linux emailviruses etc...

i would like to see a 20% share .... but realistically on the desktop i cannot se it happening. most people out there do not want the hassle of *nix.

 

and as for viruses.... they will come... not through the email but through exploits in the code. open code has it's drawbacks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...