Bonum Certa Men Certa

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug



Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:



The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.


This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them.

Related/contextual items from the news:


  1. New OpenSSL breech is no Heartbleed, but needs to be taken seriously


  2. OpenSSL Security Update now available for Fedora


  3. Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS


Recent Techrights' Posts

Abuse Inside the Polish Patent Office (UPRP) - Part VII: Washing Their Hands After Corruption and Abuse
"Tragedy or comedy?"
Culling Bad RSS Feeds of Bad Sites
Not throwing out the baby with the bathwater
Live as You Preach
technology is fast becoming dysphoric
Computers Got Smaller, So GNU/Linux Got Bigger
Many people here recognise the lack of urgency (or need) to get expensive new laptops
 
Links 10/06/2025: Jaws at 50 and US Democracy Crushed Very Rapidly (Martial Law Seems Imminent)
Links for the day
If 'Microsoft v Techrights' is Dealt With by a 'Microsoft Court' (or a Court Outsourced to Microsoft)
More on that later
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 09, 2025
IRC logs for Monday, June 09, 2025
Gemini Protocol Turns Six in 10 Days From Now
If you haven't tried it yet, then give it a go today
Gemini Links 09/06/2025: Addition Addiction and Nitride
Links for the day
Links 09/06/2025: Science, Hardware Projects, and Democracy Receding
Links for the day
BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore
SS Fagioli is basically a parasite leeching off or exploiting other people's work
Links 09/06/2025: Chaos in Los Angeles and Hurricane Season
Links for the day
GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It
Microsoft is - and has long been - organised crime
They Say I'm Mr. Bombastic
They didn't take good lawyers
Links 09/06/2025: Windows TCO and Many Data Breaches
Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO
it's like a money-laundering operation where one politician rewards another at taxpayers' expense
Gemini Links 09/06/2025: Pipelines and Splitgate
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 08, 2025
IRC logs for Sunday, June 08, 2025
Links 08/06/2025: Tiananmen Carnage Censorship Persists, North Korean Goes Offline
Links for the day
Gemini Links 08/06/2025: Love as an Ethnographic Method and Monitorix Gemini-Frontend v0.1
Links for the day
Links 08/06/2025: Exposure of More GAFAM Surveillance and Social Security Records Compromised
Links for the day
Linux Foundation is a Mediator for Microsoft et al, Not for Small Companies That Support Rather Than Attack the GPL
Many people still wrongly assume that because it is called "Linux Foundation", then it is pro-Linux and represents the same mindset
This Past Friday, Confirming What We Said All Along About Brett Wilson LLP: It's Shrinking, Has Considerable Debt, Loss of Net Assets Despite the Microsoft SLAPP Money
The documents only became publicly available less than 2 days ago
Some of the Many Reasons We Sued Microsofters for Harassment
perpetrators of harassment
For 20 Years Many People Were Sharecropping for Canonical's Oligarch, Now He's Deleting All Their Contributions
"Ubuntu has erased instead of archiving the trove of material at Ubuntu Forums"
There Was Always Too Much 'Crazy Stuff' Going on Around Freenode
What many IRC users lost sight of
Exposing Crime is Not a Crime (It Never Was)
In the eyes of rich and powerful people, those who speak about their crimes are the "criminals"
GNU/Linux Distros Abandoning Microsoft GitHub
Will curl be next to leave Microsoft GitHub?
Expect More XBox Mass Layoffs Soon If the Rumours Are True
From a Microsoft media operative
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 07, 2025
IRC logs for Saturday, June 07, 2025
Europe Needs to Move Away From GAFAM; The Sooner, the Better
Europe - not just the EU - must abandon GAFAM as soon as possible
The Issue Isn't GNOME's Promotion of Diversity But GNOME Corruption, Abuse, Censorship, and Worse
So-called "Conservative" (republican, pro-Trump, bigoted) people want you to think the problem with GNOME is politics
When the News Sources Become Scarce and Increasingly Full of Polluted/Contaminated 'Content' (With LLM Slop and Slop Images)
Integrity matters
"Linux" Sites That Spew Out LLM Slop
We're lacking enough material for another "Slopwatch"
Abuse Inside the Polish Patent Office (UPRP) - Part V: Breaking the Law, Just Like EPO
We'll hopefully cover some of the pertinent details later this year