Sunday, May 25th 2008

Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.Source: Daily Tech
Add your own comment

10 Comments on Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

#1
jocksteeluk
On the brighter side since the software is open source there shouldn't be anyone to sue.
Posted on Reply
#2
WarEagleAU
Bird of Prey
Haha, thats right Jocksteel. Hopefully, nothing major will come from this.
Posted on Reply
#3
pentastar111
Well there goes the "alternate" OS's claims of being more "secure" than Windows..:rolleyes:..Hmmm...I guess if someone has the know-how and the smarts for it, anything can be hacked..:shadedshu
Posted on Reply
#4
Shyska
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.
Posted on Reply
#5
iLLz
by: Shyska
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.
How about you click the source link which has plenty of info and links for you to click!
Posted on Reply
#6
Haytch
The patch was released ages ago. Its opensource. Here's your free chill pill. Wooohooo
Posted on Reply
#7
Shyska
by: iLLz
How about you click the source link which has plenty of info and links for you to click!
Have you tried? ;)
No offence, just refering something more trustworthy would make much more sence on such a case. Don't you agree?
Posted on Reply
#8
beyond_amusia
Linux is not immune to hackers and malware, and niether is OS X; they are not widely exploited because they are not widely used by home users.
Posted on Reply
#10
Davidelmo
Of course they aren't immune, but they are less used (and thus less popular with hackers etc.)

If someone wants to steal bank details, it's easier on a family compuer with kids and parents using it, rather than a linux machine with a 22yr old computer geek using it. The operating system is only one factor, and most "hacks" are often from human error anyway (i.e. having stupidly easy passwords, clicking ads wih viruses etc)
Posted on Reply