A few weeks ago we wrote about DigiNotar, noting that Windows dependence caused a huge mess. DigiNotar has just died based on reports that say it filed for bankruptcy in The Netherlands. This not only cost a lot to other companies (and their reputation) but it also compromised the identity and activity of ~300,000 Iranian internet users, potentially leading to the death of some. The crack was caused by Cain and Abel, which according to Wikipedia is "a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks."
"Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there."There is another incident worthy of being mentioned. Incidentally, on the face of it, "If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message," writes The Register. Apple+Microsoft Skype (proprietary)=insecurity.
This other new report from the same source says that "Apple has dropped a couple of monumental password security clangers with the release on OS X Lion, according to security blogger Patrick Dunstan."
Hey, at least it's shiny. Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there. ⬆
Comments
twitter
2011-09-21 18:29:28
Every surrender of rights makes people less secure. In the non free world, "security" means protecting big companies from users not random malice and exploitation. Non free software, like prison, does not trade liberty for security and people who use it are always at the mercy of the software's owners.