Overclock.net › Forums › Industry News › Software News › [DT] Huge Hole in Open Source Software Found, Leaves Millions Vulnerable
New Posts  All Forums:Forum Nav:

[DT] Huge Hole in Open Source Software Found, Leaves Millions Vulnerable - Page 3  

post #21 of 33
Quote:
Originally Posted by lattyware View Post
Please, don't believe this rubbish.

If anything, this proves Linux is more secure. How long after discovery did it get patched? Almost instantly.

If no one knew about this, then it wasn't a problem. What matters is the time the flaw is in the wild, ready to be abused.

Every piece of software has bugs. In FOSS, they get fixed fast.
Quote:
Originally Posted by Retrospekt View Post
Don't even try to convince these people. It's not worth it.

I lack understanding on how there can be a forum that's a giant circle-jerk about Microsoft. It just doesn't make any sense.
We don't need them. Let them waste $100-$200 every time they need an OS.
    
CPUGraphicsRAMHard Drive
Core i5 M 520 NVS 3100M G.SKILL 8GB (2 x 4GB) 204-Pin DDR3 SO-DIMM DDR3... OCZ Vertex 3 128GB 
  hide details  
    
CPUGraphicsRAMHard Drive
Core i5 M 520 NVS 3100M G.SKILL 8GB (2 x 4GB) 204-Pin DDR3 SO-DIMM DDR3... OCZ Vertex 3 128GB 
  hide details  
post #22 of 33
Hahahahahah... Its too funny. In the open source world, you cant blame anyone because everyone is at fault. Unix programmers have got to be the most arrogant SOBs Ive ever seen. OpenSSL basically just called Debian a bunch of randoms that shouldnt even be touching a keyboard... How lame is that.

But OMG if Microsoft dare make any mistakes in their code... There is a huge friggin target that everyone cant point their huge judgemental remarks at.

And please... Linux noobs... Stop trying to downplay such a huge security flaw. That is a pretty big one. And I seriously doubt every single Linux user that has this problem miraculously knows about it. You pretend as if Linux users share information through telepathy or as if all Linux users have security flaw tickers running on their desktops. Gimme a break... Once again. Unbelievable arrogance on the part of Linux users...
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
post #23 of 33
Quote:
Originally Posted by DigitalPhreak View Post
Hahahahahah... Its too funny. In the open source world, you cant blame anyone because everyone is at fault. Unix programmers have got to be the most arrogant SOBs Ive ever seen. OpenSSL basically just called Debian a bunch of randoms that shouldnt even be touching a keyboard... How lame is that.

But OMG if Microsoft dare make any mistakes in their code... There is a huge friggin target that everyone cant point their huge judgemental remarks at.

And please... Linux noobs... Stop trying to downplay such a huge security flaw. That is a pretty big one. And I seriously doubt every single Linux user that has this problem miraculously knows about it. You pretend as if Linux users share information through telepathy or as if all Linux users have security flaw tickers running on their desktops. Gimme a break... Once again. Unbelievable arrogance on the part of Linux users...
If you use Linux, you'd know how to update the system.
And IF you are using Debian, you'd know how to use the Debian packaging system (otherwise, you should not use debian). My server is updated. My workstation doesn't need upgrade. And who do you call noob?

About Microsoft.. Let me remind you about DCOM exploit and the blaster worm, and the LSAS exploit (sasser worm), which I personally used and hacked ~120 PCs in a subnet (within 4 minutes).
Edited by metala - 5/24/08 at 11:32am
Ferberite
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Lenovo Thinkpad Edge E520 AMD Radeon HD 6630M 6GB DDR3 @ 1333MHz  
Hard DriveHard DriveOSOS
Samsung 850EVO HITACHI HTS727550A9E364 7.2krpm Debian 7.0 Win7 
OSMonitorMonitorKeyboard
Win8 15.6 Zoll 16:9, 1366x768 Pixel, AUO23EC, spiege... 24" Dell U2412M, 1920x1200 Integrated + External 
PowerCase
20V, 4.5A Lenovo Thinkpad Edge 
  hide details  
Ferberite
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Lenovo Thinkpad Edge E520 AMD Radeon HD 6630M 6GB DDR3 @ 1333MHz  
Hard DriveHard DriveOSOS
Samsung 850EVO HITACHI HTS727550A9E364 7.2krpm Debian 7.0 Win7 
OSMonitorMonitorKeyboard
Win8 15.6 Zoll 16:9, 1366x768 Pixel, AUO23EC, spiege... 24" Dell U2412M, 1920x1200 Integrated + External 
PowerCase
20V, 4.5A Lenovo Thinkpad Edge 
  hide details  
post #24 of 33
Quote:
Originally Posted by DigitalPhreak View Post
Hahahahahah... Its too funny. In the open source world, you cant blame anyone because everyone is at fault. Unix programmers have got to be the most arrogant SOBs Ive ever seen. OpenSSL basically just called Debian a bunch of randoms that shouldnt even be touching a keyboard... How lame is that.

But OMG if Microsoft dare make any mistakes in their code... There is a huge friggin target that everyone cant point their huge judgemental remarks at.

And please... Linux noobs... Stop trying to downplay such a huge security flaw. That is a pretty big one. And I seriously doubt every single Linux user that has this problem miraculously knows about it. You pretend as if Linux users share information through telepathy or as if all Linux users have security flaw tickers running on their desktops. Gimme a break... Once again. Unbelievable arrogance on the part of Linux users...
I presume that was intended as a Joke.
If not, then I can't see how I got an Infraction for Trolling by saying 'I'd say Linux' when someone was asking XP vs Vista, and you can post that and it not be classed as trolling.

The fact is that this is a security flaw, and these things do happen, but Linux is more secure in general, and these bugs come up rarely, and are fixed quickly. As to knowing about these things, when you update OpenSSL it warns you if you have any vulnerable keys, and suggest how you might fix it, so yeah, as long as you update (and if you don't, then it's not the OS's fault), then it's not going to be a problem.
Edited by lattyware - 5/24/08 at 12:51pm
Shinobu
(16 items)
 
Nodoka
(16 items)
 
Index
(4 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5-3570K Asus P8Z77-I Deluxe HD6450 Flex Crucial 16GB (2x 8GB) Ballistix Elite 
Hard DriveHard DriveOSMonitor
Samsung SSD 840 EVO 250GB TOSHIBA DT01ACA300 Arch Linux Dell UltraSharp U2713HM 
MonitorMonitorKeyboardPower
Dell U2410 Dell 2407WFP Cherry - Cherry Blue Switches (Unlabeled keys) Seasonic X-650 
CaseMouseAudioAudio
BitFenix Prodigy Black Logitech M570 Trackball Sennheiser HD595 Creative GigaWorks T20 
CPUMotherboardGraphicsRAM
Intel Core i5 3570K Zotac Z77-ITX WiFi EVGA 680 GTX Samsung 
Hard DriveHard DriveOSMonitor
Samsung 256GB 830 Samsung SpinPoint HD501LJ Windows 7 Dell U2410 
MonitorMonitorKeyboardCase
Dell 2407WFP Dell E248WFP Cherry Black (MX Blue Switches, Blank Keys) Silverstone Sugi SG08B 
MouseAudioAudio
Logitech Trackman Logitech Z-5500 Sennheiser HD595s 
CPUMotherboardRAMHard Drive
AMD Athlon II X2 240e Asus M5A78L-M/USB3 Crucial 8GB (2x4GB) DDR3 1600Mhz Ballistix Sport 1.5TB Hard Drives 
  hide details  
Shinobu
(16 items)
 
Nodoka
(16 items)
 
Index
(4 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5-3570K Asus P8Z77-I Deluxe HD6450 Flex Crucial 16GB (2x 8GB) Ballistix Elite 
Hard DriveHard DriveOSMonitor
Samsung SSD 840 EVO 250GB TOSHIBA DT01ACA300 Arch Linux Dell UltraSharp U2713HM 
MonitorMonitorKeyboardPower
Dell U2410 Dell 2407WFP Cherry - Cherry Blue Switches (Unlabeled keys) Seasonic X-650 
CaseMouseAudioAudio
BitFenix Prodigy Black Logitech M570 Trackball Sennheiser HD595 Creative GigaWorks T20 
CPUMotherboardGraphicsRAM
Intel Core i5 3570K Zotac Z77-ITX WiFi EVGA 680 GTX Samsung 
Hard DriveHard DriveOSMonitor
Samsung 256GB 830 Samsung SpinPoint HD501LJ Windows 7 Dell U2410 
MonitorMonitorKeyboardCase
Dell 2407WFP Dell E248WFP Cherry Black (MX Blue Switches, Blank Keys) Silverstone Sugi SG08B 
MouseAudioAudio
Logitech Trackman Logitech Z-5500 Sennheiser HD595s 
CPUMotherboardRAMHard Drive
AMD Athlon II X2 240e Asus M5A78L-M/USB3 Crucial 8GB (2x4GB) DDR3 1600Mhz Ballistix Sport 1.5TB Hard Drives 
  hide details  
post #25 of 33
Quote:
Originally Posted by lattyware View Post
I presume that was intended as a Joke.
If not, then I can't see how I got an Infraction for Trolling by saying 'I'd say Linux' when someone was asking XP vs Vista, and you can post that and it not be classed as trolling.

The fact is that this is a security flaw, and these things do happen, but Linux is more secure in general, and these bugs come up rarely, and are fixed quickly. As to knowing about these things, when you update OpenSSL it warns you if you have any vulnerable keys, and suggest how you might fix it, so yeah, as long as you update (and if you don't, then it's not the OS's fault), then it's not going to be a problem.
Ok... fine. If you dont update windows... its your fault if you fall victim to a virus or some other malicious code. I can see your logic only falls in one direction. So what you are saying is that if Linux has faults its not the developers fault its the user???? Arrogant statement...

And not a joke. Majority of linux users that I see here are plainly arrogant. Get your head out of your butt for five seconds and admit that all OSes have their faults and whether you use one or the other is personal choice and not that one is necessarily better than the other.
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
post #26 of 33
Quote:
Originally Posted by nategr8ns View Post
too bad MS won't stoop to Mac's level
How does a company stoop to the level of software, 1s and 0s?

Quote:
Originally Posted by DigitalPhreak View Post
Hahahahahah... Its too funny. In the open source world, you cant blame anyone because everyone is at fault. Unix programmers have got to be the most arrogant SOBs Ive ever seen. OpenSSL basically just called Debian a bunch of randoms that shouldnt even be touching a keyboard... How lame is that.

But OMG if Microsoft dare make any mistakes in their code... There is a huge friggin target that everyone cant point their huge judgemental remarks at.

And please... Linux noobs... Stop trying to downplay such a huge security flaw. That is a pretty big one. And I seriously doubt every single Linux user that has this problem miraculously knows about it. You pretend as if Linux users share information through telepathy or as if all Linux users have security flaw tickers running on their desktops. Gimme a break... Once again. Unbelievable arrogance on the part of Linux users...
Very mod-worthy. I think your love for vista has been clouding your judgment lately.
post #27 of 33
The title made it seem as though.. ALL open source software had this / holes....
133MHZpow
(11 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 Soyo VIA P4M266  Nvidia 5200FX 1GB 
Optical DriveOSKeyboardPower
LiteOn DVD ROM Antix Linux Xtech Generic generic 400w 
CaseMouse
Compaq  BenQ optical 
  hide details  
133MHZpow
(11 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 Soyo VIA P4M266  Nvidia 5200FX 1GB 
Optical DriveOSKeyboardPower
LiteOn DVD ROM Antix Linux Xtech Generic generic 400w 
CaseMouse
Compaq  BenQ optical 
  hide details  
post #28 of 33
Quote:
Originally Posted by DigitalPhreak View Post
Ok... fine. If you dont update windows... its your fault if you fall victim to a virus or some other malicious code. I can see your logic only falls in one direction. So what you are saying is that if Linux has faults its not the developers fault its the user???? Arrogant statement...

And not a joke. Majority of linux users that I see here are plainly arrogant. Get your head out of your butt for five seconds and admit that all OSes have their faults and whether you use one or the other is personal choice and not that one is necessarily better than the other.
Read what I said.
I was saying that as long as you update your system and pay attention, the bug this article is talking about is not going to be a major problem. I never said Windows. You said that this is not an easy fix, when in fact, if you keep up to date and pay attention to what you are told, it'll be fixed quickly - so the only reason anything would remain vulnerable is user error.

I have never claimed that Linux doesn't have it's faults. In fact, I say, and I quote:

Quote:
I'm not saying it wasn't a problem, but the article and posts after it imply that it makes Linux suddenly insecure in general, which is wrong.
This article is sensationalist and isn't sudden proof Windows is secure and Linux isn't.

Yes, it is a personal choice, and some people will be better off with different OSes, but that doesn't mean I can't say what I like about my OS, tell others about it so they have the opportunity to make that choice, or say why I believe it is better for me and for others.

You are the person here trying to conform people to your view by denying others the chance to give their view, while acting like it's a moral act. Please.

You are just a troll. And this thread is just FUD.
Edited by lattyware - 5/24/08 at 4:18pm
Shinobu
(16 items)
 
Nodoka
(16 items)
 
Index
(4 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5-3570K Asus P8Z77-I Deluxe HD6450 Flex Crucial 16GB (2x 8GB) Ballistix Elite 
Hard DriveHard DriveOSMonitor
Samsung SSD 840 EVO 250GB TOSHIBA DT01ACA300 Arch Linux Dell UltraSharp U2713HM 
MonitorMonitorKeyboardPower
Dell U2410 Dell 2407WFP Cherry - Cherry Blue Switches (Unlabeled keys) Seasonic X-650 
CaseMouseAudioAudio
BitFenix Prodigy Black Logitech M570 Trackball Sennheiser HD595 Creative GigaWorks T20 
CPUMotherboardGraphicsRAM
Intel Core i5 3570K Zotac Z77-ITX WiFi EVGA 680 GTX Samsung 
Hard DriveHard DriveOSMonitor
Samsung 256GB 830 Samsung SpinPoint HD501LJ Windows 7 Dell U2410 
MonitorMonitorKeyboardCase
Dell 2407WFP Dell E248WFP Cherry Black (MX Blue Switches, Blank Keys) Silverstone Sugi SG08B 
MouseAudioAudio
Logitech Trackman Logitech Z-5500 Sennheiser HD595s 
CPUMotherboardRAMHard Drive
AMD Athlon II X2 240e Asus M5A78L-M/USB3 Crucial 8GB (2x4GB) DDR3 1600Mhz Ballistix Sport 1.5TB Hard Drives 
  hide details  
Shinobu
(16 items)
 
Nodoka
(16 items)
 
Index
(4 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5-3570K Asus P8Z77-I Deluxe HD6450 Flex Crucial 16GB (2x 8GB) Ballistix Elite 
Hard DriveHard DriveOSMonitor
Samsung SSD 840 EVO 250GB TOSHIBA DT01ACA300 Arch Linux Dell UltraSharp U2713HM 
MonitorMonitorKeyboardPower
Dell U2410 Dell 2407WFP Cherry - Cherry Blue Switches (Unlabeled keys) Seasonic X-650 
CaseMouseAudioAudio
BitFenix Prodigy Black Logitech M570 Trackball Sennheiser HD595 Creative GigaWorks T20 
CPUMotherboardGraphicsRAM
Intel Core i5 3570K Zotac Z77-ITX WiFi EVGA 680 GTX Samsung 
Hard DriveHard DriveOSMonitor
Samsung 256GB 830 Samsung SpinPoint HD501LJ Windows 7 Dell U2410 
MonitorMonitorKeyboardCase
Dell 2407WFP Dell E248WFP Cherry Black (MX Blue Switches, Blank Keys) Silverstone Sugi SG08B 
MouseAudioAudio
Logitech Trackman Logitech Z-5500 Sennheiser HD595s 
CPUMotherboardRAMHard Drive
AMD Athlon II X2 240e Asus M5A78L-M/USB3 Crucial 8GB (2x4GB) DDR3 1600Mhz Ballistix Sport 1.5TB Hard Drives 
  hide details  
post #29 of 33
Not to mention that this isn't an actual flaw in OpenSSL. It only exists in Debian-based distros and has already been fixed.

There's a difference between making a point (with open source, there's no accountability) and just being a good-ol' moron (OMG IF WINDOWS HAD THIS YOU WOULD LINUX PUNKS WOULD JIZZ ALL OVER YOU KEYBOARD WINDOWS FTW.)
FX Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320e Gigabyte GA-970A-UD3P Sapphire R9 380 4GB 2x8GB Crucial Ballistix DDR3-1600 
Hard DriveHard DriveOptical DriveCooling
Intel 240GB SSD HGST 4TB Storage DVD-RW Cooler Master Hyper 212 EVO 
OSMonitorPowerCase
Windows 7 x64 AOC 27" 1080p Corsair CX750m Corsair 200R 
Audio
Asus Xonar DS 
  hide details  
FX Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320e Gigabyte GA-970A-UD3P Sapphire R9 380 4GB 2x8GB Crucial Ballistix DDR3-1600 
Hard DriveHard DriveOptical DriveCooling
Intel 240GB SSD HGST 4TB Storage DVD-RW Cooler Master Hyper 212 EVO 
OSMonitorPowerCase
Windows 7 x64 AOC 27" 1080p Corsair CX750m Corsair 200R 
Audio
Asus Xonar DS 
  hide details  
post #30 of 33
Quote:
Originally Posted by lattyware View Post
Read what I said.
I was saying that as long as you update your system and pay attention, the bug this article is talking about is not going to be a major problem. I never said Windows. You said that this is not an easy fix, when in fact, if you keep up to date and pay attention to what you are told, it'll be fixed quickly - so the only reason anything would remain vulnerable is user error.

This article is sensationalist and isn't sudden proof Windows is secure and Linux isn't.

Yes, it is a personal choice, and some people will be better off with different OSes, but that doesn't mean I can't say what I like about my OS, tell others about it so they have the opportunity to make that choice, or say why I believe it is better for me and for others.

You are the person here trying to conform people to your view by denying others the chance to give their view, while acting like it's a moral act. Please.

You are just a troll. And this thread is just FUD.
Im the troll... No. You are the troll putting words in my mouth??? When did I say it wasnt an easy fix? I just said that it was a pretty big deal that the security hole exists and for you to stop pretending that it wasnt. When have I "denied" anyone anything. You have me mistaken for someone else I think... I never said windows is more secure. You take up no issue with trying to "sensationalize" every single time a windows issue comes to light.

Linux creates "FUD" all by itself. It doesnt need any help from me.
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
    
CPUMotherboardGraphicsRAM
E6600 Conroe @ 3.4 ASUS P5N32-E SLI XFX 9800GTX OCZ DDR2 PC7200 2x 1GB Gold Series 
Hard DriveOptical DriveOSMonitor
SATAII Seagate Perpendicular 250GB NEC DL DVD+/-R Vista Ultimate 19" WS HD HDCP Gateway 
KeyboardPowerCaseMouse
Logitech G15 Thermaltake Toughpower 750watt Apevia X-Discovery ATX Mid Diamondback Razor 
Mouse Pad
Geeksquad Special... 
  hide details  
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
This thread is locked  
Overclock.net › Forums › Industry News › Software News › [DT] Huge Hole in Open Source Software Found, Leaves Millions Vulnerable