Sunday, May 25th 2008
Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb
When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.
Source:
Daily Tech
10 Comments on Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb
@zekrahminator: Please consider some research before posting such serious accusations.
No offence, just refering something more trustworthy would make much more sence on such a case. Don't you agree?
mac got pwnd and windows and linux survived.......yeah thats proof whos more secure :P
If someone wants to steal bank details, it's easier on a family compuer with kids and parents using it, rather than a linux machine with a 22yr old computer geek using it. The operating system is only one factor, and most "hacks" are often from human error anyway (i.e. having stupidly easy passwords, clicking ads wih viruses etc)