Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn't Critical, Isn't Actively Exploited, and Even Red Hat's Distro Isn't Patching Yet

Dr. Roy Schestowitz

2022-11-01 20:14:48 UTC
Modified: 2022-11-01 22:33:28 UTC

Video download link | md5sum 8de27c8022d55f728a4d1c5eb55026e0 Irresponsible Misinformation About OpenSSL Creative Commons Attribution-No Derivative Works 4.0

Summary: Fuelling Microsoft-affiliated and sometimes Microsoft-funded "news" (noise) sites, Red Hat -- and to a lesser extent Fedora -- exaggerated the severity of bugs a week before their details' release (long and purposeless suspense); it's a case of a boy who cries "wolf!" to get "likes" in Twitter and media coverage that relies on nothing but lousy (inaccurate) "tweets", where fact-checking is impeded by NDAs/embargo

A few days ago we took note of the overhyped (mostly by Red Hat) impending patch for OpenSSL. Red Hat ended up slipping/changing the release date of Fedora, adding some more to the perceived danger, contributing to the scare, resulting in a week's worth of media misinformation like calling it "zero day" (even in headlines!). This irresponsible hype turns out to be have been outright disinformation (or at best misinformation) about the severity and it's worth noting that Red Hat is in no hurry to patch its most important products and there are no actively-exploited aspects; in other words, it is not "0-day" and there is no immediate rush to patch (in some cases there is no patch, either).

"We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already."The 8 URLs from the video are listed below in a logical order. To quote [4] below "Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?"

We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already. ⬆

Links from the video above

Saving the Planet With Honesty, Transparency, and Sharing (Not Only of Computer Code): GAFAM is destroying the only habitat humans and other animals have and it'll only get worse
Disinformation About Election Outcomes Even Before Any Election Outcomes (or Election/Voting!): seeding doubt about election outcomes
Against Outsourcing of Sites and E-mail: Software Freedom is great, but it is not enough if you let someone else do it 'for you'
Drew DeVault: People Talking About My Attack Site (Against the Founder of GNU/Linux) is "Spam": "Spam on sr.ht mailing lists"
"Oppose the Fascist": what the founder of GNU/Linux said
Halloween, All Saints Day & Swiss citizenship: Reprinted with permission from Daniel Pocock
How Voting Does Not Work: You cannot vote from an "app"
Links 05/11/2024: Bluesky and Enshittification, Pugad Baboy, and Lots of Disinformation Flooding the Web: Links for the day
[Meme] Sweaty Under the Belly: "OK, my critics are 'spam'"
Microsoft Bribing Canonical (to Stop Competing) and Bribing Users to Shun the Competition: Canonical is worth shunning
[Meme] The 2024 'Info Bros': And prehistoric googling
Computers Getting Worse (for the User) Over Time: This is like Windows-ism coming to "Linux" through the hardware
[Meme] How NOT to Vote: Another form of (mostly-unspoken-of) election interference
An LLM Inside a 'Search' Engine Means That Companies Tell You What They Want, Not What Web Pages to Visit: The future of 'googling' things might be as unreliable as using Social Control Media as a source of information
Google's Debt Has Increased and 'Cash on Hand' Fell by 22.27% This Past Year: These are the numbers that the corporate media intentionally leaves out
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, November 04, 2024: IRC logs for Monday, November 04, 2024
There's a Reason Why Techrights is Turning 18 and Tux Machines Will Turn 20.5 Next Month: I started advocating GNU/Linux when I was a teenager
Techrights Has a Long History of Fighting to Expose 'Team Mono' or Microsofters Inside GNOME: Never downplay the malice of Microsoft and its operatives
Gemini Links 05/11/2024: Halloween Over, Intention and Implementation, Bookmark Syncing: Links for the day
Microsoft Lost Nearly Half of Its 'Cash Reserves' This Past Year: Is Microsoft (MSFT) the next Intel (INTC)?
The Year Isn't Over Yet, There Will be More Waves of Microsoft Layoffs: Nowadays Microsoft just tries to conflate/equate its energy waste with "value"
The Corporate Media Blasted Bitcoin for Destroying the Planet and Must Do the Same to Incite the Public Against the 'Great Rigging of Wall Street' (Under the Guise of "AI", the Latest Gold Rush): "AI" is the next "metaverse" (trailing by a few months)
[Video] Richard Stallman is Back to Halo and Gown (in Peru) With 2+ Hours of a Public Talk: The globetrotting Richard Stallman gave many talks at the end of last month
Going Strong Against the Wind: the abuse serves to emphasise or affirm the importance of what we do
Links 04/11/2024: Squashing More Software Patents and Taiwan at Risk: Links for the day
Gemini Links 04/11/2024: Typing vs Writing and a Smol (Net) Pub: Links for the day
Links 04/11/2024: LibreOffice Had Adopted PeerTube, "Hey Hi" Hype is a Threat to the Energy Grids (Worse Than Fake-Coins): Links for the day
[Meme] Social Control Telescreens With Microphone: Nineteen Eighty-Four
Shout-out to Christine From FOSSForce: Who noticed our short story
Not Boycotting Apple (Yet)?: "Apple Forces The Signing Of Applications In MacOS Sequoia 15.1"
statCounter This Month: Android Has Nearly Become Twice as Big as Windows: If it happened, it would be an unprecedented milestone
Why Technical Sites Need Not Make Political Recommendations or Endorsements: Except perhaps when it's for some purely technical role, e.g. FCC chief
[Meme] Apple Freedom: Freedom is... the ability to purchase as many 'i' things as you want
Apple's MacOS Shows Us the Vision of Computing That GAFAM Has for Us (Digital Prisons): Freedom means "we the people" should be in control, not people being controlled by corporations (contemporary slaveowners)
"Active" as in One URL, One Emoji, and 4 Words in One Week: Diversity community in Fedora
Apple Vision Pro Has Failed, Just Like "Metaverse": Vision Pro lacks software
Things That Can Improve Election Integrity: the first two relate to "tech"
Rigging Elections is Difficult, Cheating a Little is Not: Avoid social control media, it is the biggest rigger of all
"People who live in glass houses shouldn't throw stones": On throwing stones in a glass house
Our Stance on Electronic (or Digital) Voting Machines: The simple activity of voting and counting ballots does not require thousands of complex machines with hundreds of millions of transistors and hundreds of millions of lines of code
Microsoft and "Retrospective Re-writing of History...": in YouTube anyone can make stuff up (as one goes along)
This Coming Week: Go exercise your right to vote
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, November 03, 2024: IRC logs for Sunday, November 03, 2024
Reddit is (Still) Lying and Faking: Don't fall for this phony idea that the above sites are grassroots or edgy; they're not
GNU/Linux Users Are Not Cheaters: The bottom line is, most cheaters use Windows
Links 04/11/2024: FCC, Broadband Industry Spar Over Net Neutrality; Software Patent Squashed: Links for the day
Gemini Links 03/11/2024: Official MyGemini.Space Announcement: Links for the day
Gemini Links 03/11/2024: Election Thoughts, Plagiarism, and LLM Slop: Links for the day
Links 03/11/2024: Deere 'Right to Repair' (RoR) and "Threads Bans Anyone For Mentioning Hitler": Links for the day
[Video] "El Movimiento del Software Libre y el Sistema Operativo GNU" by Richard M. Stallman: The footage is a bit jittery (taken with a phone apparently, and there's no tripod available), but the sound is OK and the words (in Spanish) are comprehensible
Android at New Highs (47%), Windows at New Lows (24%), Suggests Latest Data From statCounter: So the market share of Android is about double that of Windows
[Video] Richard Stallman's Talk in Spanish (in Peru Last Week): Alternative URLs too
The Media Focuses on the Wrong Scandal: The real scandal at MIT was Gates
Gemini Links 03/11/2024: Fantasy Life Day and Worship: Links for the day
[Meme] Write Us Drivers and GTFO!: When you realise sanctioning BRICS devs goes against the community
Decommissioning Copper Lines Makes Us Less Safe: We've essentially degraded the robustness or reliability of critical systems
Life of an Addicted Lolicon Who Can Also Code: Personal blog as an open diary
[Meme] Reporting Crime is Not a Crime: Obviously!
Manchester Party for Techrights: If you choose to come, of course we'll cover the cost of the food and treats (but not travel)
Privacy is Not a Crime (in Places Where It is a Crime the Regime is Typically Very Rogue): Also, criminals lack "privacy rights" to hide their crimes from the public
GNU/Linux "Market Share" in Lebanon More Than Doubled in a Few Months: Maybe it's a reaction to something? Assassination in Haret Hreik was in July.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, November 02, 2024: IRC logs for Saturday, November 02, 2024
Nearly 40 Years Without Security Incidents: People who use Windows have come to sort of "accept" that security incidents are part of life or "normal"
[Meme] The Streisand Effect: Simon says, don't bother trying to suppress facts
Streisand Effect at IBM?: Trying to silence your workers isn't the best approach. It only makes colleagues even more curious.
Microsoft is a Gift That Keeps Giving (Future Stories to Techrights): Microsoft has been trying to silence me using dirty tricks for nearly 20 years
Elon Musk Has Trashed Twitter for Ideological Reasons (and Propping Up Trump in Exchange for Financial and Political Favours Once in Public Office): In case you didn't leave Twitter already, consider the fact that Twitter's (or "X"... whatever!) future is uncertain
Wall Street Has Demoted Intel, Seeing There May be No Future to Intel: Intel's loss isn't a loss to us
Free Software Licence Compliance is About Security Too: Linux as de facto proprietary off-the-shelf platform

Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn't Critical, Isn't Actively Exploited, and Even Red Hat's Distro Isn't Patching Yet

Links from the video above

Recent Techrights' Posts