• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

zekrahminator

McLovin
Joined
Jan 29, 2006
Messages
9,066 (1.37/day)
Location
My house.
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.

View at TechPowerUp Main Site
 

jocksteeluk

New Member
Joined
Jan 23, 2006
Messages
1,455 (0.22/day)
Location
The 13th room on the 13th floor of the 13th buildi
Processor custom dupont risk chip cpu prototype
Motherboard custom ibm x5 solid state carbon mainboard
Cooling industrial technologies prototype dupont custom heat transfer unit
Memory 6x 2gig prototype ecc hnc ddr4
Video Card(s) prototype low energy version nvidia 9 series unnumberd card
Storage 1tb solid state hdd
Display(s) 44 inch samsung plasma screen tv/monitor
Case custom ibm mobile home server case
Audio Device(s) custom Yamaha sound processing processor in spm format
Power Supply 1200watt deli cord custom made dupont type psu
Software sun unix/windows type v
On the brighter side since the software is open source there shouldn't be anyone to sue.
 

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,812 (1.67/day)
Location
Gurley, AL
System Name Pandemic 2020
Processor AMD Ryzen 5 "Gen 2" 2600X
Motherboard AsRock X470 Killer Promontory
Cooling CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory 32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s) ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s) ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case Fractal Define R6 C
Audio Device(s) Realtek 5.1 Onboard
Power Supply Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse Razer Death Adder
Keyboard Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software Windows 10 Pro x64
Haha, thats right Jocksteel. Hopefully, nothing major will come from this.
 
Joined
Aug 18, 2006
Messages
993 (0.15/day)
Location
Los Angeles...U.S.A
Processor i7 920
Motherboard EVGA X58
Cooling eight 120mm fans, Swiftech GTZ cpu block, 3 120mm radiator, MCP655 pump, primochill tubing
Memory 6 gig G-Skill DDR3 1600
Video Card(s) GTX 285's (SLI)
Storage 500GB Western Digital
Display(s) 3 Asus 23 in inchers
Case Lian Li A77B
Audio Device(s) on board 7.1
Power Supply Corsair 1000
Software win 7 64
Well there goes the "alternate" OS's claims of being more "secure" than Windows..:rolleyes:..Hmmm...I guess if someone has the know-how and the smarts for it, anything can be hacked..:shadedshu
 

Shyska

New Member
Joined
Sep 7, 2005
Messages
158 (0.02/day)
Processor AMD Athlon64 3000+ Venice @2.5GHz
Motherboard Asus A8N-E :(this board limits my cpu overclock ):
Cooling CPU box, GPU Zalman VF700-Cu
Memory 2x512MB PC3200 @227MHz
Video Card(s) Sapphire X850XT 256MB PCI-E @ 605/618
Storage 40GB & 120GB Maxtors
Power Supply Generic 400W
Software Windows XP Pro SP2 | Debian GNU/Linux <sarge>
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.
 
Joined
Aug 10, 2007
Messages
96 (0.02/day)
Location
West Deptford, NJ
System Name iLLz-CreaTionZ
Processor Intel Core i5 6600K @ 4.5 Ghz
Motherboard Asus Z170-A
Cooling Cooler Master Hyper 212 EVO
Memory 16GB G.SKILL TridentX DDR4 @ 3000 Mhz
Video Card(s) eVGA GTX 960 SSC 4GB @ 1287 MHz Core (1400 MHz Boost)
Storage Corsair Force SSD 240GB; 2 x Seagate 7200.10 320GB RAID 0; 1 x WD 1TB; External Seagate Pro 500GB
Display(s) Samsung SyncMaster 226BW
Case DeepCool Tesseract
Power Supply PCP&C SilentCool 750 Quad Black
Mouse Logitech G500
Keyboard Razer DeathStalker
Software Windows 10 x64 Pro
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.

How about you click the source link which has plenty of info and links for you to click!
 
Joined
Apr 7, 2008
Messages
633 (0.11/day)
Location
Australia
System Name _Speedforce_ (Successor to Strike-X, 4LI3NBR33D-H, Core-iH7 & Nemesis-H)
Processor Intel Core i9 7980XE (Lapped) @ 5.2Ghz With XSPC Raystorm (Lapped)
Motherboard Asus Rampage VI Extreme (XSPC Watercooled) - Custom Heatsinks (Lapped)
Cooling XSPC Custom Water Cooling + Custom Air Cooling (From Delta 220's TFB1212GHE to Spal 30101504&5)
Memory 8x 8Gb G.Skill Trident Z RGB 4266MHz @ 4667Mhz (2x F4-4266C17Q-32GTZR)
Video Card(s) 3x Asus GTX1080 Ti (Lapped) With Customised EK Waterblock (Lapped) + Custom heatsinks (Lapped)
Storage 1x Samsung 970 EVO 2TB - 2280 (Hyper M.2 x16 Card), 7x Samsung 860 Pro 4Tb
Display(s) 6x Asus ROG Swift PG348Q
Case Aerocool Strike X (Modified)
Audio Device(s) Creative Sound BlasterX AE-5 & Aurvana XFi Headphones
Power Supply 2x Corsair AX1500i With Custom Sheilding, Custom Switching Unit. Braided Cables.
Mouse Razer Copperhead + R.A.T 9
Keyboard Ideazon Zboard + Optimus Maximus. Logitech G13.
Software w10 Pro x64.
Benchmark Scores pppft, gotta see it to believe it. . .
The patch was released ages ago. Its opensource. Here's your free chill pill. Wooohooo
 

Shyska

New Member
Joined
Sep 7, 2005
Messages
158 (0.02/day)
Processor AMD Athlon64 3000+ Venice @2.5GHz
Motherboard Asus A8N-E :(this board limits my cpu overclock ):
Cooling CPU box, GPU Zalman VF700-Cu
Memory 2x512MB PC3200 @227MHz
Video Card(s) Sapphire X850XT 256MB PCI-E @ 605/618
Storage 40GB & 120GB Maxtors
Power Supply Generic 400W
Software Windows XP Pro SP2 | Debian GNU/Linux <sarge>
How about you click the source link which has plenty of info and links for you to click!

Have you tried? ;)
No offence, just refering something more trustworthy would make much more sence on such a case. Don't you agree?
 

beyond_amusia

New Member
Joined
Feb 20, 2007
Messages
1,140 (0.18/day)
Location
Baltimore, Maryland
System Name Cozad (Asus G60JX)
Processor Core i5 M 430
Memory 8 GB DDR3 1066
Video Card(s) nVidia GeForce 360M
Storage 500GB
Display(s) 16 inch LED LCD
Software Windows 7 Ultimate x64 SP1
Linux is not immune to hackers and malware, and niether is OS X; they are not widely exploited because they are not widely used by home users.
 

Davidelmo

New Member
Joined
Oct 30, 2007
Messages
330 (0.06/day)
Processor Intel i7 920 @4.20Ghz
Motherboard Gigabyte EX58 UD5
Cooling Titan Fenrir
Memory 6Gb Patriot 1600Mhz
Video Card(s) ATI HD4870 1Gb
Storage 2x250Gb Seagate Barracuda (RAID 0) plus 2B storage
Display(s) Samsung 22 inch Widescreen
Case Coolermaster HAF 932
Audio Device(s) Auzen Prelude 7.1
Power Supply PCP&P 750W Silencer
Software Win7 beta
Of course they aren't immune, but they are less used (and thus less popular with hackers etc.)

If someone wants to steal bank details, it's easier on a family compuer with kids and parents using it, rather than a linux machine with a 22yr old computer geek using it. The operating system is only one factor, and most "hacks" are often from human error anyway (i.e. having stupidly easy passwords, clicking ads wih viruses etc)
 
Top