Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Dr. Roy Schestowitz

2014-06-07 12:37:22 UTC
Modified: 2014-06-07 12:37:22 UTC

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug

Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them. ⬆

Related/contextual items from the news:

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Workers Fly Away From IBM's Red Hat (This Year a Lot of Red Hat Staff is "IBM"): The stock (share price) of IBM says nothing about what actually goes on
Links 02/01/2026: Science, Patent Maximalism, and Public Domain Day: Links for the day
Gemini Links 02/02/2026: Books, Scams, and mkscript (a Script to Make Scripts): Links for the day
Strong Start for GNU/Linux This Year: based on statCounter
More Tools, Factorising Code: If some things in the site of Gemini capsules don't behave as expected, then that's likely due to a bug
State of Tech Journalism in 2026: Follow the Money: in order to understand what motivates an opinion piece one must follow the money
Why IBM Workers Like Techrights (Same Reason EPO Workers Do): IBM will likely be a daily theme (high rate of recurrence)
In 2025 We Contributed to the Headlessness of the OSI, But It's Not Over Yet: By airing some 'dirty laundry' about the OSI last year we contributed to its current state
Africa's Largest Population Sees Diminishing Impact of Windows: less than 1 in 10 Web requests in Nigeria comes from Windows
Russia Cuts Finnish Cables ("Hybrid War"), Finland Cuts Off Microsoft: the birthplace of Linux
Free Software is More Naturally Inclusive: large, intolerant, violent companies get painted as a glorious example of United Colours of Benetton
Europe in 2026: Over 5% GNU/Linux, Not Counting Chromebooks: 2026 has started strongly
Slopfarm Says Microsoft's "Biggest Business" is the 'Business' Where It Loses Tens of Billions of Dollars: TOI still pretends to have a lot of output
At the Start of January 2025 Microsoft President Said Microsoft Would Spend 80 Billion Dollars on "AI" Data Centres. That Didn't Happen. Microsoft Laid Off 30,000 Workers, Debt Surged.: Maybe this coming Monday Microsoft will come up with more false promises and vapourware
Links 02/01/2026: Insurrectionist Attacks Musicians Critical of Him With Lawfare, Project Gutenberg Now Has Over 75,000 Books: Links for the day
Decline in LLM Slop About "Linux" is a Good Start for 2026: When the only remaining proponents of slop are slop, which is pretty much what's happening right now, the bubble is popping
EPO People Power - Part XXII - Contact Officials and Inform Your National Representatives (Delegates) of the EPO's Cocainegate: Europe's largest media intentionally covers up serious scandals in Europe's second-largest institution
Slopwatch Still Dead, Not Enough LLM Slop About "Linux": this is the desirable thing
LibXML2 Will Carry on (Without or With the Name "LibXML2"): The proprietary software boosters are projecting
Gemini Links 02/01/2026: ThinkPad, SHARP Zaurus, Lagrange Handheld Support: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, January 01, 2026: IRC logs for Thursday, January 01, 2026
Links 01/01/2026: "Biophobia" and Renewed Effort to Locate MH370: Links for the day
Gemini Links 01/01/2026: Bot Accounts Online and Reading in 2025: Links for the day
IBM’s and Red Hat’s "Operation Evolution initiative" Just Long, Fancy Term for Bluewashing, Redundancies, Layoffs: Gerstner is still alive, but he's shorter and more arrogant
Designing a Better Mousetrap or Tools for the SSG: Static Site Generators (SSGs) - unlike all modern Content Management Systems (CMSs) - are so simple that extending them is easy
Links 01/01/2026: 1930 Works in the Public Domain, Electricity Pricing 'a Mystery': Links for the day
Firefox is Toast Because It Got Toasted by Mozilla: Firefox cannot keep above 2% and hasn't been able to for quite some time
Ignore the LLM Slop and the Noise, Microsoft is in a Death Spiral: So what does Microsoft have left to sell?
Red Hat is Vanishing Before Our Eyes: With some Red Hat staff "transitioning" we wonder if it's an HR hack, wherein they "reset the clock" on employment duration so as to lessen severance obligations
In 2025 Microsoft Lost Palau: Palau now has GNU/Linux at steadily high levels
Microsoft Mocked UNIX/Linux for Not Handling Dates After 2038, Microsoft Breaks Down on 2026!: Only a truly moronic company would design it that way
Another New Year's Resolution: Public Domain Sources, Credits: In addition to our first one
Combatting Slop Images (and ClownFlare): we won't use or reuse slop images
The End of Red Hat: expect many more layoffs soon
A New Year's Resolution: Maximal Transparency: We'll do our very best to be transparent about everything that's going on, even legal matters
Gemini Links 01/01/2026: 2025 Comes to a Close and Capsular Gemlog Manager: Links for the day
Free Software Foundation (FSF) Raised About 1.3 Million Dollars in the Past Couple of Months!: the FSF's Board now has 10 people in it
2026 IBM Phaseout of Red Hat: Red Hat won't fare any better than most IBM acquisitions
Microsoft Budget Issues, XBox Thrown Under the Bus: They're cutting budget. Soon they'll cut the staff.
Only Hours Into the New Year People Already Discuss the Next Round of Layoffs at Red Hat/IBM: 2026 will be another tough year for Red Hat and IBM
EPO People Power - Part XXI - Europe's Second-Largest Institution Became a Corrupt For-Profit Company Run by Drug Addicts: it'll be the demise of the Rule of Law in Europe and maybe a death blow to the EU (eventually), not just the EPO
Another Very Productive Year Commences: "a total of over 17,000 pages in a year"
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 31, 2025: IRC logs for Wednesday, December 31, 2025
Fiji: GNU/Linux Has Risen From Almost Nothing to Almost 5% in Recent Years: It's not as small as people are led to believe
Gemini Links 31/12/2025: Blogosphere is Growing and New Year Begins: Links for the day
Recruiters Don't Use Microsoft LinkedIn, Spammers Use LinkedIn: One of my best friends, a university professor, lost all of his life's savings due to Microsoft LinkedIn
You've Only Wasted Your Life in Social Control Networks: In a sense, social control media is a giant delusion
2025 Was a Very Bad Year for Social Control Media: statCounter sees a gradual demise in Social Control Media access
Don't "Go Paperless", Go Paperful [sic] (for What Really Matters): Why should we favour paper use sometimes? Well, many reasons.
Complexity Considered Harmful: We Used to Run an Operating System on 64KB of RAM, Not 64GB of RAM (a Million Times More): "Initially confined to single-tasking on 8-bit processors and no more than 64 kilobytes of memory"
The Slop Industry is Failing So Badly (Mountains of Debt, Losses) That It's Merging With the SPAM Industry: we reckon that Google will eventually delist all slopfarms, recognising they're just a form of SPAM
Links 31/12/2025: Cheeto Pushing for More Wars, ‘Security is a Shared Responsibility’: Links for the day
Enshittification of Postal Services Isn't Technological Advancement: Societies that say the aim is to "go digital" and eliminate paper trail aren't advanced; they're moving backwards
IBM Starts 2026 a Much Smaller Company (Not Homage to Gerstner): People who get bluewashed out of their job (or bluewashed into unemployment) are gagged by NDAs
XBox is Likely Dead Already, But the Threat It Posed to Us All for Two Decades Isn't Over: "the Xbox was never about gaming and merely served as a test bed for DRM in commodity systems."
Ahead of 2026 Mass Layoffs at Microsoft the Tree Gets Shaken to See Who 'Falls' (Resigns/Retires): "We had a quiet meeting last week about budget realignment. No one said layoffs, but it’s clear where the focus is shifting."
Almost 6,5000 Pages in 2025, Aiming Higher in 2026: if we can keep focused, then quantity will increase
Microsoft XBox Having a "Dog Ate My Homework" Moment: No New Console Until 3 Years From Now... Because "RAM Prices": Who will ever remember this in 2028? Nobody.
Gemini End of Year Capsules Tally (Based on Lupa) Shows About 10% Growth: What a difference a year makes
Gemini Links 31/12/2025: New Resolution, Reverse Hexdump, and Programming Languages: Links for the day
Dr. Andy Farnell Explains Why Chatbots Became Dishonesty on Top of Dishonesty (Hiding Usage of Dishonest Salads of Words): new article from CyberShow
Links 31/12/2025: Nvidia Faces Bubble-Bursting Moment, Saudi Oil Money Pumped Into Chatbots to Keep the Energy Waste Going (Circular Financing Again): Links for the day
Richard Stallman's First Talk in a U.S. College Since 2018: Greetings from Georgia Tech!
EPO People Power - Part XX - Why António Campinos Chose to Put His Cokehead Friend on 'Sick Leave': EPO Cocainegate will be covered for months to come
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 30, 2025: IRC logs for Tuesday, December 30, 2025

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Recent Techrights' Posts