Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

Dr. Roy Schestowitz

2014-06-07 12:37:22 UTC
Modified: 2014-06-07 12:37:22 UTC

Bugs inside blobs are also serious bugs, and sometimes there by design

Bug

Summary: The increased media coverage of bugs in security-sensitive FOSS projects reveals lack of desire to cover much bigger threats, including back doors in proprietary software such as Windows

OpenSSL has been somewhat of a whipping boy of the technology press. One reason is, OpenSSL is widely used, but another is that it's known what the issues are (transparency) and the corporate media sure has agenda. We already gave the example of Dan Goodin, to whom security bugs are only news is they affect FOSS (here is his latest go at it) and now that GnuTLS bugs become public knowledge (after a public release with full source code) there is some more coverage that resembles what we found amid "Heartbleed" hype [1, 2, 3] (in both cases a firm with Microsoft connections claimed credit for other people's discoveries and trumpeted FUD in the press). One can expect the same from Microsoft-funded 'news' networks like IDG and ZDNet, which merely covers an already fixed bug. To quote the summary:

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

This is not an unusual thing. Why it this suddenly front page news?

Notice the pattern. In all cases the bugs are already fixed (users just need to apply updates, unless they have already been applied automatically). This shows a strength of FOSS, not a weakness. The latest OpenSSL patches that we covered a couple of days ago (in daily links) don't relate to or amount to huge risk [1] and these are already patched [2]. The same goes for kernel bugs [3].

What we found highly disturbing here is that despite discoveries that companies like Apple and Microsoft facilitate the NSA with back doors (in secret code) we see an improportionate focus on every small bugfix in projects such as GnuTLS, OpenSSL, and Linux. Someone might be trying very hard to make the point that FOSS is the issue, not back doors which are very much included by design (and hidden in blobs). Reporters who cover bugs in FOSS but are never covering back doors in proprietary software ought to be challenged. Their bias (by omission) should be pointed out to them. ⬆

Related/contextual items from the news:

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Richard Stallman's Talk at Georgia Tech is Just 2 Days Away: We're still curious to see how malicious people (or trolls) in social control media will try to slant his talk as "bad"
The "Alicante Mafia" - Part VII - The Industrial Actions Began Yesterday, Here's Why: The "Alicante Mafia" might not last much longer
openai.com Traffic Said to Have Fallen 50% in the Past Three Months, Reports Say It Nearly Ran Out of Money to Borrow: After the slop frenzy all we'll have left is environmental destruction
Links 21/01/2026: "Snap Settles Lawsuit on Social Media Addiction" and Attempts in the US to Revive Software Patents: Links for the day
Links 21/01/2026: Microsoft 'Open' 'Hey Hi' in More Trouble, US Has "Brown Shirts" Problem: Links for the day
Yesterday Afternoon The Register MS Published Paid Microsoft SPAM Disguised as an Article About "AI PCs": The Register MS cannot help itself, can it? [...] Follow the money.
Microsoft's XBox is in Effect Dead Already, Now It's a Streaming and Advertising Platform: Expect many layoffs soon
EPO's Web Site Misused for Propaganda About Illegal Kangaroo Courts to Distract From EPO Scandals and Judicial Crisis in Europe: UPC is illegal and unconstitutional
Gemini Links 21/01/2026: Edible Circuits and "Sayonara HTTP": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, January 20, 2026: IRC logs for Tuesday, January 20, 2026
IBM Hides Its Own Destruction (and Red Hat's): It's like scenes out of '1984', which is what a now-famous advertisement from Apple compared IBM to
LLM Slop Not Dead Yet, Examples of Slop About "Linux": We wish to see the totals down to zero
Links 20/01/2026: Cheeto Blackmails France Into 'Peace' While Looking to Annex EU, Mass Layoffs in Capgemini (Microsoft Reseller/Promoter) in France: Links for the day
Gemini Links 20/01/2026: Boxing and "Inbox Zero" Success: Links for the day
Windows and Slop Declining While Microsoft Silences Critics: Microsoft tries to suppress facts while faking 'demand' by imposing slop on everybody, everywhere
IBM Kills OzLabs, Signalling An Attack on Free Software (a Sign for Red Hat): ibiblio also appears to have died (or experiences critical issues)
Red Hat Vice President Leaving After Nearly Two Decades: IBM's culture of secrecy is not compatible with Free software
Links 20/01/2026: "ChatGPT Health" (Latest Distraction From Being Insolvent) Flops and Raises Concerns, "The U.S. Military Faces a Reckoning on Greenland": Links for the day
Rudeness and Vulgarity Won't Stop Journalism About Free Software: we seem to be on the right path
Readers Pleased With Layout Changes: Two days ago we began improving clarity and accessibility in the site
IBM Plans for Layoffs Becoming Clearer With "Employee Reviews": Of course this impacts Red Hat as well
IBM is Outsourcing Red Hat's Fedora to Slop to 'Save Money': If IBM cared about quality rather than alleged "cost savings" (cutting corners), it would assign more IBM staff to Fedora, but instead the exact opposite happened, with the likes of Cotton and Miller removed from the project
European Patent Office (EPO) Industrial Actions Formally Start in Two Hours: As per the latest (revised) action plan, today workers will slow down their work and limit patent grants
Microsoft Under Fresh Investigation by the Italian Competition Authority: In 2025 we kept a running tally of 30,000+ Microsoft layoffs, so 40k this year would not be unthinkable
The "Alicante Mafia" - Part VI - More Strikes Planned at the EPO, Starting This Month: Yesterday we said that friends of Berenguer or inside Berenguer's circle may have left
Gemini Links 20/01/2026: New Tea, Using a Roku at a Hotel, and "Voltage-Based Power Management for Any Raspberry Pi": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, January 19, 2026: IRC logs for Monday, January 19, 2026
If You Don't Want "Linux" to Become "Windows", Then Follow GNU: GAFAM isn't a friend of Linux; it's only a user in the same sense clients are "users" of a brothel
Links 19/01/2026: National Broadcasters on World or Local Affairs Up to a Week Ago: Links for the day
Gemini Links 19/01/2026: Game Boy and "The Lounge" (IRC) for the Elderly: Links for the day
Slopfarms in Google News (at Least Three Today) With Fake 'Articles' About "Linux": Google itself is trying to promote its own slop ("Overview") at the expense of original and credible sources
Links 19/01/2026: ChatGPT’s Defects and The Guardian on Why So-called "AI Companies Will Fail": Links for the day
This is What the Slop Bubble Popping Can Look Like: Maybe not an overnight collapse, but getting there gradually
IBM Quiet About Its Plan for Red Hat Amid Accelerated Bluewashing: Something is going on at Red Hat
The "Alicante Mafia" - Part V - It Seems Like Some People Are Already Leaving "The Mafia": they have a rough idea of what's coming
Microsoft Means War, Microsoft is on the Side of ICE: Microsoft, people-ready
More Confirmatory Rumours Regarding "Massive" Red Hat Layoffs: Ecosystem and sales said to be targeted
Proprietary UNIX is What We'll Have If IBM Red Hat Gets Its Way: IBM Red Hat wants to control everything, even if that means killing everybody
Free Software in Times of Peace (and Times of War, Too): GAFAM and IBM are war companies
Founder of GNU/Linux (RMS) Speaks in US University (College) This Week: The auditorium has very high capacity and this is his "college comeback" talk in the United States
Office Meetings Are Most Useful to the Least Productive Workers: In my "office life" days I really didn't like meetings
LinuxSecurity and Linuxiac Are Still Slopfarms, Even Anthony Pell Does It: We suppose waiting another month or another year won't change a thing
Claim That the Board of Directors at IBM Isn't Happy With How the Company is Run: IBM tries to project an image of strength to the whole world, especially to its clients
Links 18/01/2026: Legal Trouble for xAI, Climate Concerns, Data Breaches and More: Links for the day
'Vibe Coding', Chatbots, and Other Bots (e.g. "Agents" Disguised as "Superintelligence") Aren't Saving You Time: False marketing, FOMO marketing tactics
Gemini Links 19/01/2026: Analog Cameras and Plucker in 2026, US Losing Acceptability in Europe: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, January 18, 2026: IRC logs for Sunday, January 18, 2026

Lots of Coverage About FOSS Bugs, No Coverage About Intentional 'Bugs' (Back Doors) in Proprietary Software

New OpenSSL breech is no Heartbleed, but needs to be taken seriously

OpenSSL Security Update now available for Fedora

Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

Recent Techrights' Posts