Bonum Certa Men Certa
Don't Install Pipelight, It Helps Infect the Web With DRM and Microsoft | Links 8/6/2014: Valve Funds Mesa Development, SQLite 3.8.5 Released

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug



Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:



The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.


This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them.

Related/contextual items from the news:


  1. New OpenSSL breech is no Heartbleed, but needs to be taken seriously


  2. OpenSSL Security Update now available for Fedora


  3. Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS


Don't Install Pipelight, It Helps Infect the Web With DRM and Microsoft | Links 8/6/2014: Valve Funds Mesa Development, SQLite 3.8.5 Released

Recent Techrights' Posts

SLAPP Censorship - Part 115 Out of 200: Spending the Next Decade Writing About SLAPPs and Trying to Fix the System
It's the same industry that got paid by corrupt EPO officials to try to cover up the corruption
 
After IBM's Shares Collapsed the CEO is Trying the "Quantum" Trick Again, Bolstered by a Demented Dictator in the White House
from what we can gather IBM's CEO is trying to get the US government to participate in the scam
Greece Ought to Curb the Threat of Social Control Media
its national discourse seems to be run by an American company called Facebook
State of the GNU/Linux Desktop (and Laptop)
The time to advocate GNU/Linux is now
The 'XBox Narrative' Distracts From Destructive Cuts Across the Whole of Microsoft
Microsoft is preparing to lay off a likely record-breaking number of people [...] this isn't just an XBox problem
Microsoft's Stock Fell Nearly $200, But the Real Problems Are Just About to Begin
if they dump slop, what will they tell shareholders?
The Cyber Show on Starmer and Software Freedom
The Cyber Show's Andy has just explained why our departing national leader wasn't all bad
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 22, 2026
IRC logs for Monday, June 22, 2026
Gemini Links 23/06/2026: Girlrotting, Homeworlds at BGA, Slop Ruins Sites
Links for the day
A Lifetime of Whistleblowing
Ellsberg did not have an easy life, but it was a rewarding life with a rich legacy focusing on justice
European Patent Office (EPO) Series: A Man With Many Missions...
Campinos – accompanied by Gilles Requena and Patrice Pellegrino
Links 22/06/2026: Ubisoft Co-founder Dies, Americans Have Turned Against Slop
Links for the day
Links 22/06/2026: "The Sycophancy Machine" and "Port 22 Open for 54 Days"
Links for the day
When People Who Make the Most Money Are the Best "Boot Lickers" (Sucking Up to Jeffrey Epstein's Circle and the Dictator)
Sucking up to rich people may pay off
The Aim is Not Fame
Reposted from schestowitz.com
"Internally Important, Externally Irrelevant": IBM in a Nutshell
Right now its debt spins out of control and its stock spirals down the drain
SLAPP Censorship - Part 114 Out of 200: Thousands of Long Articles to Come, Properly Covering the SLAPP Industry in the UK and Its Modus Operandi
"Stowell described SLAPPs as ‘a stain on our legal system’."
Finding a Way to Get Paid to Improve LibreJS
So now we have more people resurrecting LibreJS and improving it
Microsoft Can't Even Wait Until July, Shutdowns and Layoffs Already Happening
Mashable speak of "a grim picture for the state of Xbox."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 21, 2026
IRC logs for Sunday, June 21, 2026
Gemini Links 22/06/2026: Appreciating Simple Things, Perfect Summer Evening, IRIX, Vim and so
Links for the day
Chad's Move to GNU/Linux or the Point of Exceeding 5% "Market Share"
experienced centuries of being colonised
Gemini Links 21/06/2026: Dating Oaks, Paying With Cash, and "More on Withered Technology"
Links for the day
GAFAM is Drowning in Debt, GAFAM is Clearly Not Sustainable Anymore (It Runs on Borrowed Money and Bailouts)
The war and surrender in Iran will deepen the debt; we'll see the GAFAM reports in late July
GAFAM Was Never an Ally to Europe
Only 1 in 10 Europeans see US as an ally — study [...] military providers in "tech" clothing cannot be trusted
GitHub, LinkedIn, and XBox Will Finish Like Skype (Sustainability Crisis)
Skype should become a verb. When Microsoft 'Skypes' something it means it basically shuts it down with some temporal excuse/s.
Drowning in Garbage: AUR Shows That Too Much Low-Quality Software (Including Slop) is Bad for Everybody
What happened in AUR had happened elsewhere before and will happen again in the future
Links 21/06/2026: EU on Patented (Monopolised) Crops, Microsoft Software "Narcs on You to Your Boss"
Links for the day
Microsoft at 50 Follows the General Trajectory of Skype
How many years does Microsoft have left before payroll becomes impossible?
A Year After a Microsofter Took Over The Register MS It is Effectively a Content Farm With News as a 'Side Dish'
This is not journalism, this is spam
IBM Pays the Media and Cons Some 'Journalists' Into Participating in "Quantum" Spam
"The Boy Who Cried Wolf"
You Don't Need an 'App' for Your Birdhouse (Slopfondlers Come for Birds)
That they sell those things as "AI" really says a lot about how dishonest slopfondlers really are
SLAPP Censorship - Part 113 Out of 200: The United Kingdom is Not Turkey
Turkey is ranked almost worst in the Western World for press freedom
Cybersecurity Does Not Mean Asking Microsoft for Permission to Boot
There were very good and timely reasons to speak about the matter, including impending antitrust complaints against Microsoft
Links 21/06/2026: Bots from Alibaba Do Harm and Many Xbox Games Are Being Cancelled
Links for the day
5 Years After Release of Vista 11 Not Even One in 5 People Use It (in the US)
It doesn't look like Vista 11 will ever be adopted like prior versions and announcing a Vista 12 will mostly upset companies/organisations that only recently "upgraded" to 11
Gemini Links 21/06/2026: Boca Raton, Perfect Summer Day, and LLM Doing Things Poorly
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 20, 2026
IRC logs for Saturday, June 20, 2026