06.04.14

Focusing on the Lesser Dangerous Security Problems

Posted in Free/Libre Software, Security at 11:26 am by Dr. Roy Schestowitz

Summary: The obsession with security flaws that are immediately addressed by FOSS developers helps distract from deliberate flaws in proprietary software (back doors)

FOSS-hostile sites/tabloids like ZDNet happily cover security issues when they are already fixed and briefly affected Free software. The latest GnuTLS flaw (flaws in it are nothing new and they get addressed quickly [1, 2]) is starting to receive coverage in expected places (other than Microsoft-connected [1, 2, 3]). It is not just CBS sites but also Condé Nasty, another neighbour of Wall Street (where all those large media companies are based). There are provocative photos as usual from Dan Goodin, not to mention the Linuxwashing of this cross-platform issue. IDG does this, but IDG [1] also alludes to back doors in Windows without naming them as such.

Why don’t they spend more time covering deliberate back doors from Microsoft/NSA or even Apple? It does not seem to serve their sponsors as much as FOSS FUD. Ever since the NSA leaks came out (it started a year ago) it seems like much of the technology/corporate media looks the other way and tries to turn every little bug in FOSS into headlines, claiming that FOSS is less secure. Perhaps there is fear that many people will walk away from software with back doors, necessitating alternatives (spooks cracking in more clever ways, trying hard to put back doors without being noticed in freely-available source code). █

Related/contextual items from the news:

Beware the next circle of hell: Unpatchable systems

Microsoft’s decision to end support for Windows XP in April was met with a collective gulp by the IT community. For good reason: Approximately 30 percent of all desktop systems continue to run XP despite Microsoft’s decision to stop offering security updates. Furthermore, a critical security flaw in Internet Explorer 8 disclosed recently by HP’s TippingPoint Division opens the door to remote attacks on XP systems that use IE8.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

Microsoft Layoffs of 2014

Another quick look at Microsoft's horrible state of affairs and why it has virtually nothing to do with Nokia
Links 22/7/2014: Linux 3.16 RC 6, New UberStudent

Links for the day
Links 20/7/2014: Jolla in India, Mega Censored in Italy

Links for the day
Longtime Mono Booster Joins Microsoft-linked Xamarin

Jo Shields almost joins Microsoft, settling instead for its proxy, Xamarin
Linux Foundation Welcomes Patent Aggressor Red Bend Software

The Linux Foundation's AllSeen Alliance welcomes as a member a company that uses software patents to sue Free/Open Source software
Matt Levy From Patent Progress (and CCIA) Does Not Really Want Patent Progress

Matthew ('Matt') Levy moved into a foe of patent progress last year, but he still runs a site calls Patent Progress, in which he diverts all attention to patent trolls (as large corporations such as Microsoft like to do)
Attacking FOSS by Ignoring/Overlooking Issues With Proprietary Software

The biasing strategy which continues to be used to demonise Free/Open Source software (FOSS) along with some new examples
Links 19/7/2014: CRUX 3.1 is Out, CyanogenMod Competes With Google Now

Links for the day
Microsoft's Massive Layoffs Go Far Beyond Nokia; Nokia's Android Phones Axed by Microsoft's Elop

Microsoft's rapid demise and permanent exit from Nokia's last remaining Linux platform (after Microsoft had killed two more)
Patents on Software Already Being Invalidated in Courts Owing to SCOTUS Ruling on 'Abstract' Patents

The Federal Circuit Appeals Court has just "invalidated a software patent for being overly abstract," says a patents expert
OpenSUSE 'Community' is Crumbling, AttachMSFT Killed SUSE's Potential (Except as Microsoft Tax)

Not much too see in the land of SUSE and Attachmate, or formerly the company known as Novell
Links 18/7/2014: Slackware Turns 21, Spotify Switches to Ubuntu

Links for the day
Links 16/7/2014: Manjaro 0.8.10 Third Update, SIA Migrates to Red Hat

Links for the day
Microsoft's Latest Round of Massive/Bulk/Large-scale Layoffs

Microsoft boosters are preparing 'damage control' pieces ahead of massive layoffs at Microsoft
Secrecy Allows British Government to be Manipulated by Microsoft for Spyware Behind Closed Doors

Dependence on malicious software from NSA ally Microsoft is highly dependent, at least in Britain, on government secrecy and vain refusal to comply with Freedom of Information (FOI) requests
Software Patent Applications Already Being Rejected in the US Owing to SCOTUS Ruling, Some Patent Lawyers Are Fuming

Good news on the software patents front as the USPTO starts rejecting software patent applications, based on patent lawyers' words
Links 15/7/2014: New Plasma, Google Announces Project Zero

Links for the day
Interest in Free Software Coverage and 9 Months With Tux Machines

Thoughts about the level of interest in Free/Open Source software (FOSS) and growth of at least some sites that focus on GNU/Linux
White House Backs Away From Appointing Patents Zealot to Top USPTO Position

Philip Johnson is no longer poised to become the Director of the USPTO, which is basically an establishment that provides protectionism to primarily US-based corporations
Professor James Bessen Presents the Case Against Software Patents After Important SCOTUS Ruling

The debate about software patents in the Unites States continues, with academia on one side and greedy patent lawyers on the other
Software Patents Demising in the US as Microsoft Patent Attacks on Android/Linux Suffer a Huge Setback

M-Cam's assessment of Microsoft's bundle of extortion (using software patents) shows toothlessness, irrespective of the SCOTUS decision to effectively annul "abstract" software patents
Links 13/7/2014: KDE Activity Surge

Links for the day
Pro-Microsoft Spin in Microsoft-Funded News Networks

The rogue media (misinformation) campaign of Microsoft benefits from networks which have been paid by Microsoft over the years
Cronyism at Play: European Hostility Towards Free/Libre Software Despite Espionage and Moles

Europe continues to be held hostage with back doors, lock-in, and massive payments to foreign powers, despite evidence that these powers are destructive and hostile
Wirelessly-Controlled Contraceptives and Other Villainous Bill Gates Initiatives

Remote controls for people's reproductive systems are now in the making and Bill Gates is a prominent investor in the technology
Links 12/7/2014: CrossOver, New Wine

Links for the day
Links 10/7/2014: LXLE 14.04 in Headlines, Plasma 5

Links for the day
OpenDocument Format (ODF) Still Alive and Kicking

Caligra, WebODF and various influential nations' departure from Microsoft Office will help famous projects such as OpenOffice.org and LibreOffice make ODF the only international standard for editable documents exchange
The Effect of Corporate Media Bias: FOSS Demonisation and Microsoft Openwashing

A set of very recent examples where the corporate press produces FOSS-hostile articles (or pro-Microsoft articles) by citing biased sources of convenience
The NSA's Top (and First) PRISM Partner, Microsoft, Lies to Governments and Businesses as Office Gets Banned in China

Developments in China reveal that security and privacy threats posed by reliance on Microsoft are so great that a ban becomes inevitable and continues to expand (Microsoft put on more and more block lists and blacklists)