For almost three years, millions of servers and smaller devices running Linux have been vulnerable to attacks that allow an unprivileged app or user to gain nearly unfettered root access.
now it's out in the open...
http://www.pcworld.com/article/3023870/security/linux-kernel-flaw-endangers-millions-o...d-devices.html
linux geeks need to hide in shame for awhile. so much bragging, now so much harm may come.
+ Reply to Thread
Results 1 to 5 of 5
-
--
"a lot of people are better dead" - prisoner KSC2-303 -
That's nothing, take a look at this one ^^
http://www.it.slashdot.org/story/08/05/13/1533212/debian-bug-leaves-private-sslssh-keys-guessable
These bugs are frequent for all OS, this one is a problem for all the unpatchable devices around.
See also:
https://en.wikipedia.org/wiki/Stagefright_%28bug%29 -
But isn't this just another local privilege escalation exploit? It's nothing new on linux, but it's still only local. The only special thing seems to be that it also affects ARM. This is nothing like heartbleed.
-
Linux bugs like this get all over the news because, being open source, you can't hide them like some other OSes I could mention ....
Bugs in cryptography can just sit there hiding in plain sight for years. There's some extremely advanced math there involving math theory. Even if it's open source there aren't many people out there who can understand it. -
There's bugs in all OSes, some years ago it was discovered that someone had purposely added a backdoor to OpenBSD, widely considered the most secure OS, with only a small handful of exploits in over 15 years. the backdoor was discovered after a source code audit exposed it but it was so clever it was only a few lines of code that effectively left the whole OS exposed for those that new what to look for.
FreeBSD had an exploit that allowed hackers to hack the PS4; be that as it may *nixes are still way more secure than Windows has ever been. At least with open source OSes code auditors can find the flaw, one can only begin to imagine how many backdoors Win 10 has.
I'll put up a hardened Linux server against a hardened Windows server any day of the week.
Similar Threads
-
Linux based video reencoder
By mtt in forum Video ConversionReplies: 3Last Post: 2nd Feb 2015, 10:46 -
Linux based DVD/Blu-ray player
By Rajendra.b in forum Newbie / General discussionsReplies: 1Last Post: 2nd Jan 2015, 17:37 -
exploit warning
By aedipuss in forum FeedbackReplies: 3Last Post: 29th Apr 2013, 14:49 -
iGrabber and/or Pinnacle MovieBox Deluxe drivers for Linux-based systems?
By TrackingError in forum LinuxReplies: 1Last Post: 25th Dec 2012, 20:14 -
frame servers - AvxSynth on Linux
By hgurol in forum Video ConversionReplies: 0Last Post: 30th Jul 2012, 00:02