Bonum Certa Men Certa

GNU/Linux News in the Era of Science and Reason

posted by Roy Schestowitz on Oct 06, 2023

Solar Energy

THE news about "Linux" this past week contained unwarranted misinformation and clickbait. An issue in some library not connected to Linux (GNU actually) is being mischaracterised and the severity of the issue is also mischaracterised.

The short story is, people are at risk if they do not patch their distribution and also, in addition, they acquire some software from some random site that takes advantage of a hole unknown until less than a week ago. Exploitation of the hole would likely never happen by merely upgrading existing (already installed) software like Firefox because Mozilla does not want to trick all of its users into taking "poisonous" builds that steal root access. What for anyway? What's to gain?

As such, a more reasonable and factual reporter would simply state that there this package that many GNU/Linux distros have in them, it needs to be updated (patched), and if one installs some random binary found somewhere online (not trusted sources), then there's a possibility that not only will that binary cause damage at user(space) level but also at root level. There's also the possibility that untrusted, malicious actors with an account on your server can get greater access than before (unless the system is patched quickly). But even shared hosting would have ways of tracing back who's on the system (e.g. bank accounts).

That local privilege escalation flaws are treated like a case of "sky is falling" is concerning. We saw nearly 15 headlines about it so far this week and most got the news wrong.

GNU/Linux comes from the scientific community, not the business world. We should care for facts and not be tolerant of business-sponsored spin, scaremongering etc.

Other Recent Techrights' Posts

Richard Matthew Stallman, or rms (RMS), Turns 72 This Coming Weekend
This coming Sunday he deserves a cake
 
Links 13/03/2025: Calculators and Spreadsheets, Returning to a Human Internet
Links for the day
Links 13/03/2025: Further Assaults on Science and Education in the US
Links for the day
Expect XBox to Be Shut Down Like Skype
"hey hi"-washing fools nobody
Truth Hurts (Especially Some Dishonest and/or Greedy People), But Reporting Truth is What Makes Journalism Valuable to the General Public and Helps Protect Society From Abuse by Sociopaths or Pathological Liars
When it comes to reporting, we're on the side of female victims, not the men who strangle them.
New Paper Reveals the Web (and Net) Drowns in LLM Slop, "Linux" is Impacted Too
It will be getting harder to trust anything on the Web
Links 13/03/2025: RIP, Carl Lundström; Tesla (the Company, Not Scientist It Piggybacks) Besieged by Public Backlash
Links for the day
Gemini Links 13/03/2025: MElon "Greek Tragedy" and Going Offline More
Links for the day
Links 13/03/2025: COVID-19 Legacies and "Modern" Cars as Spying Machines on Wheels
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 12, 2025
IRC logs for Wednesday, March 12, 2025
The Fall of the Open Source Initiative (OSI): Microsoft-Sponsored OSI is Probably Not Even the Real Steward of the Open Source Definition, It's More Like an Identity Thief at This Point (Like "FSFE", a Microsoft-Sponsored Imposter of FSF)
As we'll show later, many people (even inside OSI) are very angry at the OSI right now
Gemini Links 12/03/2025: Cataloging Books, Ramen, and MElon
Links for the day
Links 12/03/2025: Anti-Union Actions and New Efforts at Truce/Ceasefire in Ukraine
Links for the day
Sponsored by Linux Foundation
All the pages are full of 'Linux' Foundation ads that are not about Linux
CodeWeavers Ads Weaved by LLM Slop at BetaNews
How much of this was even touched by a human being?
It's Hard to Dispose or Get Rid of Swasticars Now
'Memecars' only sell as long as people have a 'belief' in them
Springtime Plans
We currently have two long series underway
In Australia, iOS Estimated to be Bigger Than or Equal to Windows
Not even counting macOS
Brett Wilson LLP Does Not Deny Microsoft or Another "Third Party" Secretly Funds the SLAPPs Against Techrights, Bankrolling Despicable People Who Deserve Criticism
Writing about crime is not a crime
Gemini Links 12/03/2025: LLM Slop Lacks a Future, Wordle Clone Comes to Gemini Protocol
Links for the day
Using FUD That Blames "Linux" for Typos, Turning It Into LLM Slop That Blames "Linux" for Typos
It is probably the "leader" at LLM slop (fake 'articles') about "Linux"
Links 12/03/2025: Big Cuts to US Education and Science (e.g. NOAA)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 11, 2025
IRC logs for Tuesday, March 11, 2025
Crossbow murders: prevention, missed opportunities
Reprinted with permission from Daniel Pocock
This yt-dlp Bug Report Shows Us That the Future of YouTube is DRM and It's Time to Leave (yt-dlp Should Also Leave Microsoft GitHub, Which Censors YouTube Downloaders)
GAFAM traps aren't "free hosting"; they herd us all into a world of tollbooths and locks, surveillance and planned obsolescence (you own nothing, you only rent)
Ukraine Didn't Take Twitter/X Down, Microsoft or Windows Likely Did
There are many debunkings (to likely false accusations), but won't that just be another example of Windows TCO, exacerbated externally in the form of Windows botnets?
The Fall of the Open Source Initiative (OSI): Worse Than What the Media Has Focused on, Losing Sight of Who Owns and Runs the OSI
Members' dues are less than 3% of the income; where does the 97+ percent come from other than Microsoft?
Apple Seems to Have Run Out of Things to Boast About After Apple Vision Pro Failed Spectacularly
With "Apple Intelligence", Apple has finally named a product after what target customers lack
Slopwatch: Reckless FUD and Machine-Generated Spam from LinuxSecurity.com, cybersecuritynews.com, and gbhackers.com (Google Boosts LLM Slop About "Linux")
Google and so-called 'Google News' continue to yield anti-Linux misinformation
Gemini Links 11/03/2025: 'Chainsaw Politicians' and Proprietary Software Hell
Links for the day
Links 11/03/2025: Covid-19 5 Years On and Violence in Syria
Links for the day
Links 11/03/2025: NASA Besieged and "DOGE Has Become What It Claimed To Destroy"
Links for the day
Fresh IBM Layoffs Reported in Europe and North America, Jobs Allegedly Moved to South Asia (Low Salaries)
As usual, IBM does not talk about this
Illuminating Injustice is Critical When Reckless Microsofters and Law Firms Try to Silence Reporters of Violence Against Women
I want to clarify that I'm well within my right (and not running afoul of any rules) by explaining what goes on here
EPO Central Staff Committee: "The Strategy of the Office Lacks Transparency and Cannot be Understood"
Microsoft and the EPO violate data protection laws
Microsoft Has Not Much Left to Show Investors, Shares Fall Almost 20%
It's not even clear how Microsoft makes money anymore
Links 11/03/2025: Spring and Misfin Server
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 10, 2025
IRC logs for Monday, March 10, 2025