Science and Technology : Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Discussion in 'Science and Technology' started by Gorilla, Mar 5, 2014.

  1. Gorilla

    Gorilla Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Jan 31, 2009
    Messages:
    2,455
    Likes Received:
    1,372
    Gender:
    Male
    Ratings:
    +1,389
    Full article: http://arstechnica.com/security/201...linux-hundreds-of-apps-open-to-eavesdropping/

    Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

    This GnuTLS bug is worse than the big Apple "goto fail" bug patched last week.
    arstechnica.com
     
  2. Kemetstry

    Kemetstry going above and beyond PREMIUM MEMBER

    Country:
    United States
    Joined:
    Feb 19, 2001
    Messages:
    22,812
    Likes Received:
    5,296
    Gender:
    Male
    Occupation:
    Chemist
    Location:
    Detroit
    Ratings:
    +6,403
  3. Gorilla

    Gorilla Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Jan 31, 2009
    Messages:
    2,455
    Likes Received:
    1,372
    Gender:
    Male
    Ratings:
    +1,389

    Some people are fascinated by understanding how something works, and experimenting. Add a general interest in code or security, and it can be a great benefit.

    GnuTLS, if I understand correctly, is part of Debian's favored projects because of licensing. It stands to reason that this improvement will trickle out to a lot of users.

    One more security hole closed is another one that can't be exploited by criminals or state actors.
     
  4. Kemetstry

    Kemetstry going above and beyond PREMIUM MEMBER

    Country:
    United States
    Joined:
    Feb 19, 2001
    Messages:
    22,812
    Likes Received:
    5,296
    Gender:
    Male
    Occupation:
    Chemist
    Location:
    Detroit
    Ratings:
    +6,403


    I guess we'll need to open cyber prisons soon. Someone with that talent can make so much more money going legit though






    .
     
  5. Gorilla

    Gorilla Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Jan 31, 2009
    Messages:
    2,455
    Likes Received:
    1,372
    Gender:
    Male
    Ratings:
    +1,389

    No one has done anything negative with this as far as I know.

    As for going legit, that depends. There are people out there who like to buy up undisclosed/non-public exploits and vulnerabilities. They can fetch a pretty penny.
     
  6. Kemetstry

    Kemetstry going above and beyond PREMIUM MEMBER

    Country:
    United States
    Joined:
    Feb 19, 2001
    Messages:
    22,812
    Likes Received:
    5,296
    Gender:
    Male
    Occupation:
    Chemist
    Location:
    Detroit
    Ratings:
    +6,403


    But that's a short term gain





    .
     
  7. Gorilla

    Gorilla Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Jan 31, 2009
    Messages:
    2,455
    Likes Received:
    1,372
    Gender:
    Male
    Ratings:
    +1,389
Loading...