Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Dr. Roy Schestowitz

2014-06-07 12:37:22 UTC
Modified: 2014-06-07 12:37:22 UTC

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug

Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them. ⬆

Related/contextual items from the news:

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Gemini Links 08/01/2026: "New Year, Old Plans" and Alex's "Butlerian Jihad": Links for the day
LLM Slop About "Linux" Scarce and of Very Low Quality: At this rate, we reckon there may be one (or zero) per day by year's end
IBM's "Forever Layoffs" (to Bypass Warnings or Notices as Required by WARN Act): There is a bunch of speculations about when the next "major round" of RAs will be
Attempts to Undermine This Site's Latest Series Using Intimidation, Threats, and Presumptuous Accusations: threatening language is less effective when everyone is an alibi
Links 08/01/2026: "Golden Smartphone" Scam and Riseup Account Issues: Links for the day
Links 08/01/2026: Possible "Collapse of NATO Over Greenland"; Journalistic Malpractice and "US Voters Hate Slop": Links for the day
EPO People Power - Part XXVIII - A Sensitive Issue for Germany and The Netherlands: If Germans who read this series can communicate this to public officials or to their media, maybe they can strike a nerve and get the ball rolling
Age Discrimination at IBM Discussed Amid Mass Layoffs (Especially in the United States): Workers are anxious. Are they next to face the axe?
Gemini Links 08/01/2026: Potentiometer Calculator, Power Outages, Why You Should Abandon Discord for IRC (e.g. Ergo), and Formatting Gopher Posts: Links for the day
Links 08/01/2026: More Software Patents Squashed, White House Repeats Misinformation From the Kremlin: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 07, 2026: IRC logs for Wednesday, January 07, 2026
The Free Software Foundation (FSF) Looking to Add Associate Members: "Celebrate '26 by helping us reach our New Year's goal before Jan. 16: join as an associate member today. You will help the FSF remain strong and independent to empower technology users everywhere. Join us today and help us reach our goal of 100 new associate members!"
Only Google is Still Spreading Lots of Slopfarms' Fake News and Plagiarism About Linux: 2 days' worth of Google News spewing crap out about "Linux"
Georgia Institute of Technology (Georgia Tech) Formally Announces Upcoming Richard Stallman Talk: Room 100, Scheller College of Business
Links 07/01/2026: Europe's 'Binding Commitments' on Ukraine's Security, "Venezuelan Leaders Project Independence": Links for the day
Gemini Links 07/01/2026: Smart Toaster and Social Control Media Fatigue: Links for the day
Projection Tactics - Part II: Causing "Serious Harm" to Many People (Even Animals): Narcissists and sociopaths are like that
Even Microsofters Now Speak About Microsoft Reportedly Planning to Sack 10% of Its Staff (as Early as This Month, or 2 Weeks From Now) as Real Income Falls: Microsoft buying from Microsoft isn't real income, it is accounting fraud
The four freedoms and GNU/Linux naming controversy, by Akira Urushibata: Social control media owned and run by 'broligarchs' keeps attacking RMS for insisting on names that include GNU
Crans-Montana, Le Constellation: journalists, victims' families, ProtonMail users at risk, police raids: Reprinted with permission from Daniel Pocock
GNU/Linux Reaches All-Time High in Tanzania: This month (and year) GNU/Linux is measured at an all-time high there, based on the data that statCounter can see
Open Source Initiative (OSI) Not Doing Its Job, Instead It's Promoting Microsoft Ponzi Schemes: it participates in Microsoft's Ponzi scheme, which helps Microsoft distract from or excuse the mass layoffs
Links 07/01/2026: Microsoft ChatGPT Killing People and Microsoft "Github monopoly is destroying the open source ecosystem": Links for the day
The Register MS: Installing Free Software on Your Device is 'Sideloading': This is a form of propaganda
Mass Layoffs in Microsoft's XBox Soon, Just Like We've Said for Months: IBM and Microsoft are heading in a similar trajectory and are hiding how bad things are using similar tactics
Mozilla's Assisted Suicide, Assisted by GNOME: Firefox is meant to get better all the time, but instead it gets worse
Now It's a Mainstream Media (MSM) Story: Microsoft Layoffs Coming, They'll be Vast (and They Blame "AI", As Usual!): the books were cooked (accounting fraud) to hide what really went on
Frankly Getting Sick of Slop About "AI" (Slop): Calling everything out there "AI" serves nobody and nothing but the Ponzi scheme
Stick to the Science, the Facts, the Observable Reality: Science is at the heart of this site
Africa's Search Market Has Been Unfavourable to Microsoft: In Africa, as we've just noticed, Bing is moving down, even more sharply this year
Slideshare is Slop: Be sure fools will rewrite history online
Gemini Links 07/01/2026: Looking at 2026, Linux Anti-Minimalism, Diode Function Generators, and Inkscape: Links for the day
Projection Tactics - Part I: What is "Serious Harm"? Or Whose?: the most serious harm was done to us
Links 07/01/2026: More Signs XBox the Console is Dead/Dying, Convicted Felon Repeats Threats of Greenland Annexation: Links for the day
EPO People Power - Part XXVII - Science- and Principles-First Journalism About Issues That Matter: journalism became so shallow that nowadays it can be replaced by bots
Media Gaslighting Dooms the Media: this "AI" gaslighting is done because publishers get paid to do so
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, January 06, 2026: IRC logs for Tuesday, January 06, 2026
Gemini Links 06/01/2026: Collective Responsibility, Pico2DVI, and TV Detox: Links for the day
Microsoft Loves Freedom, Democracy... and Linux? No, Microsoft Laying Off Because "Microsoft Loves Linux" Was Failed Posturing, Its Former Staff Moves to GNU/Linux: "What are the running totals for IBM and Microsoft layoffs?"
GNU/Linux at 4% "Market Share" (Even According to Steam Survey): Another milestone
Links 06/01/2026: Neglect of the Elderly, Abandonment of International Laws: Links for the day
Links 06/01/2026: More Reports Point to Mass Layoffs at Microsoft (Later This Month), Greenland/Denmark Cautions the Dictator Who Illegally Invaded Venezuela: Links for the day
Internet Policy/Net Reality: You Must Never Ever Rely on Google (no "S.E.O." Either): Stack Overflow is dying
Ahead of Mass Layoffs Microsoft Tries to Rebrand or Redefine XBox (Because the XBox is Tentatively Dead): 2026 will be the last year of XBox in all likelihood
Richard Stallman (RMS) Announces His Georgia Talk 2.5 Weeks in Advance: A lot earlier than usual
Dr. Andy Farnell on Technology That Harms People (and Lack of Regulation Which is Needed to Address This Problem): Dr. Farnell's article is long but well worth reading
GNU/Linux Rising to 5% in Cameroon and It's Hardly the Exception: "AI" is just a smokescreen as losses pile up
Rumours: Microsoft to Lay Off 12,500-25,000 Workers Soon (Tentatively Wednesday, 15 Days From Now): "Layoffs are coming third full week of Jan. Likely 21st but these things can move around a bit based on last minute developments."
EPO People Power - Part XXVI - European Media Has Become Part of the Problem: it is as clear as daylight that Cocainegate is real
IBM 2026 "Organizational Change/s" Means Layoffs Resume Soon, Some Claim "Forever Layoffs.": It's about "narrative control"
Microsoft Layoffs in January 2026: Get ready
Google Still Boosting Slopfarms: Slopfarms will probably all perish as soon as Google News quits sending them visitors
Links 06/01/2026: Cryptocurrency Scam Emails and Greenland's Fear of Getting 'Venezuelad': Links for the day
Links 06/01/2026: DIY Projects and Inertial Music: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, January 05, 2026: IRC logs for Monday, January 05, 2026

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Recent Techrights' Posts