• We've upgraded our forums. Please post any issues/requests in this thread.

Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

Joined
Jan 29, 2006
Messages
9,066 (2.09/day)
Likes
287
Location
My house.
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
#1
When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.

Show full news post
 
Joined
Jan 23, 2006
Messages
1,455 (0.33/day)
Likes
43
Location
The 13th room on the 13th floor of the 13th buildi
Processor custom dupont risk chip cpu prototype
Motherboard custom ibm x5 solid state carbon mainboard
Cooling industrial technologies prototype dupont custom heat transfer unit
Memory 6x 2gig prototype ecc hnc ddr4
Video Card(s) prototype low energy version nvidia 9 series unnumberd card
Storage 1tb solid state hdd
Display(s) 44 inch samsung plasma screen tv/monitor
Case custom ibm mobile home server case
Audio Device(s) custom Yamaha sound processing processor in spm format
Power Supply 1200watt deli cord custom made dupont type psu
Software sun unix/windows type v
#2
On the brighter side since the software is open source there shouldn't be anyone to sue.
 

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,809 (2.59/day)
Likes
529
Location
Gurley, AL
System Name Boddha Getta Boddha Getta Bah!
Processor AMD FX 6100 @ 4.432Ghz @1.382
Motherboard ASUS M5A99X EVO AMD 990X AMD SB950
Cooling Custom Water. EK 240MM Kit, Supreme HSF - Runs 35C
Memory 2 x 4GB Corsair Vengeance White LP @ 1.35V
Video Card(s) XFX Radeon HD 6870 980/1100
Storage WD Caviar Black 1.0TB, WD Caviar Green 1.0TB, WD 160GB
Display(s) Asus VH222/S 22: (21.5" Viewable) 1920x1080p HDMI LCD Monitor
Case NZXT White Switch 810
Audio Device(s) Onboard Realtek 5.1
Power Supply NZXT Hale 90 Gold Cert 750W Modular PSU
Software Windows 8.1 Profession 64 Bit
#3
Haha, thats right Jocksteel. Hopefully, nothing major will come from this.
 
Joined
Aug 18, 2006
Messages
993 (0.24/day)
Likes
31
Location
Los Angeles...U.S.A
Processor i7 920
Motherboard EVGA X58
Cooling eight 120mm fans, Swiftech GTZ cpu block, 3 120mm radiator, MCP655 pump, primochill tubing
Memory 6 gig G-Skill DDR3 1600
Video Card(s) GTX 285's (SLI)
Storage 500GB Western Digital
Display(s) 3 Asus 23 in inchers
Case Lian Li A77B
Audio Device(s) on board 7.1
Power Supply Corsair 1000
Software win 7 64
#4
Well there goes the "alternate" OS's claims of being more "secure" than Windows..:rolleyes:..Hmmm...I guess if someone has the know-how and the smarts for it, anything can be hacked..:shadedshu
 

Shyska

New Member
Joined
Sep 7, 2005
Messages
158 (0.04/day)
Likes
16
Processor AMD Athlon64 3000+ Venice @2.5GHz
Motherboard Asus A8N-E :(this board limits my cpu overclock ):
Cooling CPU box, GPU Zalman VF700-Cu
Memory 2x512MB PC3200 @227MHz
Video Card(s) Sapphire X850XT 256MB PCI-E @ 605/618
Storage 40GB & 120GB Maxtors
Power Supply Generic 400W
Software Windows XP Pro SP2 | Debian GNU/Linux <sarge>
#5
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.
 
Joined
Aug 10, 2007
Messages
96 (0.03/day)
Likes
18
Location
West Deptford, NJ
System Name iLLz-CreaTionZ
Processor Intel Core i5 6600K @ 4.5 Ghz
Motherboard Asus Z170-A
Cooling Cooler Master Hyper 212 EVO
Memory 16GB G.SKILL TridentX DDR4 @ 3000 Mhz
Video Card(s) eVGA GTX 960 SSC 4GB @ 1287 MHz Core (1400 MHz Boost)
Storage Corsair Force SSD 240GB; 2 x Seagate 7200.10 320GB RAID 0; 1 x WD 1TB; External Seagate Pro 500GB
Display(s) Samsung SyncMaster 226BW
Case DeepCool Tesseract
Power Supply PCP&C SilentCool 750 Quad Black
Mouse Logitech G500
Keyboard Razer DeathStalker
Software Windows 10 x64 Pro
#6
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.
How about you click the source link which has plenty of info and links for you to click!
 
Joined
Apr 7, 2008
Messages
632 (0.18/day)
Likes
64
Location
Australia
System Name _Speedforce_ (Successor to Strike-X, 4LI3NBR33D-H, Core-iH7 & Nemesis-H)
Processor Intel Core i9 7900X (Lapped) @ 4.9Ghz With XSPC Raystorm (Lapped)
Motherboard Asus Prime X299 Deluxe (XSPC Watercooled) - Custom Heatsinks
Cooling XSPC Custom Water Cooling + Custom Air Cooling (From Delta 120's TFB1212GHE to Spal 30101504&5)
Memory 8x 8Gb Corsair Dominator Platinum 3400MHz @ 3667Mhz (CMU32GX4M4C3466C16)
Video Card(s) 3x Asus GTX1080 Ti (Lapped) With Customised EK Waterblock (Lapped) + Custom heatsinks (Lapped)
Storage 5x Samsung 960 Pro 1Tb M.2 2280 (Hyper M.2 x16 Card), 1x Samsung 850 Pro 1Tb, 6x Samsung EVO 850 4Tb
Display(s) 6x Asus ROG Swift PG27AQ
Case Aerocool Strike X (Modified)
Audio Device(s) Creative Sound BlasterX AE-5 & Aurvana XFi Headphones
Power Supply 2x Corsair AX1500i With Custom Sheilding, Custom Switching Unit. Braided Cables.
Mouse Razer Copperhead + R.A.T 9
Keyboard Ideazon Zboard + Optimus Maximus. Logitech G13.
Software w10 Pro x64.
Benchmark Scores pppft, gotta see it to believe it. . .
#7
The patch was released ages ago. Its opensource. Here's your free chill pill. Wooohooo
 

Shyska

New Member
Joined
Sep 7, 2005
Messages
158 (0.04/day)
Likes
16
Processor AMD Athlon64 3000+ Venice @2.5GHz
Motherboard Asus A8N-E :(this board limits my cpu overclock ):
Cooling CPU box, GPU Zalman VF700-Cu
Memory 2x512MB PC3200 @227MHz
Video Card(s) Sapphire X850XT 256MB PCI-E @ 605/618
Storage 40GB & 120GB Maxtors
Power Supply Generic 400W
Software Windows XP Pro SP2 | Debian GNU/Linux <sarge>
#8
How about you click the source link which has plenty of info and links for you to click!
Have you tried? ;)
No offence, just refering something more trustworthy would make much more sence on such a case. Don't you agree?
 
Joined
Feb 20, 2007
Messages
1,140 (0.29/day)
Likes
63
Location
Baltimore, Maryland
System Name Cozad (Asus G60JX)
Processor Core i5 M 430
Memory 8 GB DDR3 1066
Video Card(s) nVidia GeForce 360M
Storage 500GB
Display(s) 16 inch LED LCD
Software Windows 7 Ultimate x64 SP1
#9
Linux is not immune to hackers and malware, and niether is OS X; they are not widely exploited because they are not widely used by home users.
 

Davidelmo

New Member
Joined
Oct 30, 2007
Messages
330 (0.09/day)
Likes
21
Processor Intel i7 920 @4.20Ghz
Motherboard Gigabyte EX58 UD5
Cooling Titan Fenrir
Memory 6Gb Patriot 1600Mhz
Video Card(s) ATI HD4870 1Gb
Storage 2x250Gb Seagate Barracuda (RAID 0) plus 2B storage
Display(s) Samsung 22 inch Widescreen
Case Coolermaster HAF 932
Audio Device(s) Auzen Prelude 7.1
Power Supply PCP&P 750W Silencer
Software Win7 beta
#11
Of course they aren't immune, but they are less used (and thus less popular with hackers etc.)

If someone wants to steal bank details, it's easier on a family compuer with kids and parents using it, rather than a linux machine with a 22yr old computer geek using it. The operating system is only one factor, and most "hacks" are often from human error anyway (i.e. having stupidly easy passwords, clicking ads wih viruses etc)