Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Dr. Roy Schestowitz

2014-06-07 12:37:22 UTC
Modified: 2014-06-07 12:37:22 UTC

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug

Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them. ⬆

Related/contextual items from the news:

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

People Discuss Rumours of Mass Layoffs at IBM Becoming Public in 1-2 Weeks: IBM is killing its brand or its "goodwill"
The Old Days: In the early days of this site (2006) it was mostly just a couple of people, plus comments
Links 28/03/2026: Microsoft's LinkedIn a National Security Risk, Microsoft's Slop "Ambitions Face Investor Scrutiny Amid Soaring Costs": Links for the day
No Daylight Saved: Is there still any practical reason for this ritual?
Microsoft Azure Does Not Have "Hiring Freezes", It Has Had Mass Layoffs Every Year Since 2020: Things are always a lot worse than Microsoft formally or publicly acknowledges
SLAPP Censorship - Part 27 Out of 200: Using the Tor Network to Hide From Consequences: Only 1-2 weeks after the countersuit the Canadian attempted to deplatform several Web sites
The Limits of Inclusion: Inclusion with caution isn't "opinionated"; it's a defence mechanism, sometimes a survival instinct
Almost 20 Years After Microsoft/Novell: The mission has not changed, but the priorities evolve all the time
LLM Slop Kills Sites, as Sites That Adopt Slop Are Doomed: People won't subscribe to such sites and visit them if they recognise it's just slop
Links 29/03/2026: Indonesia Cracks Down on Social Control Media Addiction, China Becomes World’s Scientific Superpower: Links for the day
Fedora at the Mercy of Microsoft Because of Back-Doored Kick-Switch Boot: We'll soon revisit the defamation attacks on Torvalds
Links 29/03/2026: Water Shortages and No Kings Rallies: Links for the day
Gemini Links 29/03/2026: Return to Gopherspace, "Zen of Marking Playing Cards": Links for the day
The Real XBox is Dead, So Microsoft is Calling Everything "XBox" Now: It even wanted to run a campaign to convince everybody that XBox is not actually a console
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 28, 2026: IRC logs for Saturday, March 28, 2026
Open Web Destroyed by Centibillionaires, Says Anil Dash of Blogging Fame: Blogging was going through its 'prime years' about 20 years ago
"Linux" Slop Going Away, Microsoft et al Pay 'Linux' Foundation to Promote Slop: It's a timely reminder that the Linux Foundation exists to promote whoever pays the Linux Foundation, even pedophiles and companies that attack the GPL
Gemini Links 28/03/2026: "Finding My Base Tone", "Astrobotany", and BugoutBack/OFFLFIRSOCH: Links for the day
Links 28/03/2026: More Worldwide Bans on Social Control Media (Harms to Adolescents), Protests in US Against Dictatorship: Links for the day
SLAPP Censorship - Part 26 Out of 200: Asking for Documents and Information You Already Have, Even Letters and E-mails That You Yourself Sent!: barristers are expensive
Gemini Links 28/03/2026: Echo Delay and 0x0.st: Links for the day
Rumours of More IBM Mass Layoffs at Beginning of April: IBM is not doing well
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 27, 2026: IRC logs for Friday, March 27, 2026
"Headcount" as Distraction From Mass Layoffs and Salary Reductions: Things aren't looking well when one considers revenue is acquired, not earned
"Linux" Slop Turning Rarer, New York Times Nowadays Contaminated With LLM Slop: Another day has passed without much slop about "linux"
Links 27/03/2026: Studying Whale Births, Apple is Cancelling Products, Cambodia Arrests Journalists Over Photographs: Links for the day
Gemini Links 27/03/2026: GTD, Gopher Catchup, Gemini Crawlers, and "Slop Everywhere": Links for the day
Mozilla Was Ruined Like Sirius Open Source Was Ruined - From the Top Down: Mozilla will never return to its Free software roots
Nokia Could Never Recover From Microsoft: It's very important to remember what really happened
Why Techrights and Many Other Sites Stopped Doing April Fools’ Day Articles: Well before slop (made by LLMs) it was "bad optics" to have satire or humour in a site, irrespective of the day of the year
President Not-Cocaine Campinos Notified of Historic EPO Strikes (Thousands of Workers Not Coming Back to the Office): Please do pay attention to how the media treats these strikes in Europe's second-largest institution
Slides From the Presentation Discussing EPO Strikes Until End of June or Until End of 2026 (Maybe Next Year Too): More to come soon (later today)
IBM Cuts Are Everywhere (Global), the Aim is to Lower the Pay: Because the revenues keep falling (IBM buys other companies' revenues using borrowed money)
Perpetual Strikes to Begin at European Patent Office (EPO), Large Majority Votes for Strikes Any Day of the Week: Approved industrial actions [...] Notice how none of the media or even so-called 'IP' blogs write about it
Mozilla is Not a Privacy Company, Mozilla is Run by GAFAM Executives and Managers Who Came From American Surveillance Companies: Would you trust a VPN they claim to be "free"?
SLAPP Censorship - Part 25 Out of 200: That Time Matthew J. Garrett Got Temporarily Banned/Suspended From Twitter: That he gets banned from large social control media platform is hardly surprising given his combative communications
Ubuntu Started as Free With ShipIt, Now It Becomes Payware That Exploits Debian Volunteers (Slaves): "Ubuntu" the distro now replaces the GNU components inherited from Debian with a bunch of Microsoft GitHub (proprietary) things that reject reciprocal licences
Last Night The Register MS Published a Fake Article. It Mentioned "AI" 27 Times.: Paid-for nonsense! [...] What's left of once-respectable news sites actively harms society
Links 27/03/2026: Google Executive (GAFAM, US, Surveillance) "Named the New BBC Head", Prominent Climate Scientist Resigns From NASA: Links for the day
Gemini Links 27/03/2026: "Being Busy" and "Posting Again": Links for the day
GNOME Has No "Real" Executive Director, Only an IBM (Perma)'Interim' One With No Openings in Sight: GNOME is having financial problems
Microsoft Experiencing "Leadership Exodus": Microsoft's current position is no better than Meta's (Facebook)
GNU/Linux Distros Should Reject "Age Verification" and Uphold Software Freedom for Users: It's not about protecting children
Slop Plunge: we can already "smell the blood" of the so-called 'AI industry'
IBM Media Puff Pieces While Layoffs Go On and On: Has the PR industry absorbed the press?
Media Says Microsoft Hiring Freezes, But There Are Already Microsoft Layoffs: They want the public to talk about Microsoft as if it's just not hiring when it is actually firing
Richard Stallman lynchings: Sruthi Chandran splitting Debian: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, March 26, 2026: IRC logs for Thursday, March 26, 2026

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Recent Techrights' Posts