06.07.14

Lots of Coverage About FOSS Bugs, No Coverage About Intentional ‘Bugs’ (Back Doors) in Proprietary Software

Posted in Free/Libre Software, Microsoft, Security at 7:37 am by Dr. Roy Schestowitz

Bugs inside blobs are also serious bugs, and sometimes there by design

Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals a lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is that OpenSSL is widely used, but another is that it’s known what the issues are (transparency) and the corporate media sure has an agenda. We already gave the example of Dan Goodin, to whom security bugs are only news if they affect FOSS (here is his latest go at it) and now that GnuTLS bugs have become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid “Heartbleed” hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people’s discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded ‘news’ networks like IDG and ZDNet, which merely cover an already fixed bug. To quote the summary:

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

This is not an unusual thing. Why is this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don’t relate to or amount to a huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see a disproportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but never cover back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them.

Related/contextual items from the news:

  1. New OpenSSL breech is no Heartbleed, but needs to be taken seriously
  2. OpenSSL Security Update now available for Fedora
  3. Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS