Tag Archives: exploit

GnuTLS: Just because people can read the source, doesn’t mean that they do

I don’t want to spend too much time on this topic… Just want to get this out there. As you may have heard, a vulnerability was discovered in GnuTLS, because of sloppy coding: http://blog.existentialize.com/the-story-of-the-gnutls-bug.html I want to stress two points … Continue reading

Posted in Software development, Software news | Tagged , , , , , , , , | 10 Comments

Hand of Thief: commercial linux malware kit

I hate to disappoint those who thought linux was an extremely secure OS for which no malware exists. There is indeed malware for linux, and in fact, some of it is being sold, and is out there in the wild, … Continue reading

Posted in Software news | Tagged , , , , , , , | 14 Comments

Speak of the devil… Ubuntu forums hacked

I had only done a blog on Linux yesterday, and there is already some more news of obvious incompetence in the Linux world. The forums of Ubuntu, the most popular Linux distribution, have been hacked. Currently there is an announcement with … Continue reading

Posted in Software news | Tagged , , , , , , , , , , , | 14 Comments

The myth of linux/open source security

I have tried to warn about the myth that is security in the open source world before. Today there is another big security issue in Linux: http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/ As the article points out: the problem is not just the vulnerability itself, … Continue reading

Posted in Software news | Tagged , , , , , , , , , , , , , | 13 Comments

Another root exploit for linux

A few days ago, the following exploit was published: http://blog.zx2c4.com/749 Another small step in debunking the myth of linux security. What is also interesting is that this bug was introduced only recently: In 2.6.39, the protections against unauthorized access to … Continue reading

Posted in Software development, Software news | Tagged , , , , | 3 Comments