Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

zekrahminator · May 25, 2008

When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.

View at TechPowerUp Main Site

jocksteeluk · May 25, 2008

On the brighter side since the software is open source there shouldn't be anyone to sue.

WarEagleAU · May 26, 2008

Haha, thats right Jocksteel. Hopefully, nothing major will come from this.

pentastar111 · May 26, 2008

Well there goes the "alternate" OS's claims of being more "secure" than Windows.. :rolleyes:

..Hmmm...I guess if someone has the know-how and the smarts for it, anything can be hacked..:shadedshu

Shyska · May 26, 2008

Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.

iLLz · May 27, 2008

Shyska said:
Why it doesn't surprise me that there are no legitimate sources on this topic...

@zekrahminator: Please consider some research before posting such serious accusations.

How about you click the source link which has plenty of info and links for you to click!

Haytch · May 27, 2008

The patch was released ages ago. Its opensource. Here's your free chill pill. Wooohooo

Shyska · May 27, 2008

iLLz said:
How about you click the source link which has plenty of info and links for you to click!

Have you tried?

No offence, just refering something more trustworthy would make much more sence on such a case. Don't you agree?

beyond_amusia · May 27, 2008

Linux is not immune to hackers and malware, and niether is OS X; they are not widely exploited because they are not widely used by home users.

Rebo&Zooty · May 27, 2008

http://www.dailytech.com/Apples+Safari+Security+Woes/article11299.htm

mac got pwnd and windows and linux survived.......yeah thats proof whos more secure

Davidelmo · May 27, 2008

Of course they aren't immune, but they are less used (and thus less popular with hackers etc.)

If someone wants to steal bank details, it's easier on a family compuer with kids and parents using it, rather than a linux machine with a 22yr old computer geek using it. The operating system is only one factor, and most "hacks" are often from human error anyway (i.e. having stupidly easy passwords, clicking ads wih viruses etc)

Processor	AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard	Gigabyte sumthin-or-another, it's got an nForce 430
Cooling	Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory	2GB G.Skill DDR2 800
Video Card(s)	Sapphire X850XT @ 580/600
Storage	WD 160 GB SATA hard drive.
Display(s)	Hanns G 19" widescreen, 5ms response time, 1440x900
Case	Thermaltake Soprano (black with side window).
Audio Device(s)	Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply	ThermalTake 430W TR2
Software	XP Home SP2, can't wait for Vista SP1.

Processor	custom dupont risk chip cpu prototype
Motherboard	custom ibm x5 solid state carbon mainboard
Cooling	industrial technologies prototype dupont custom heat transfer unit
Memory	6x 2gig prototype ecc hnc ddr4
Video Card(s)	prototype low energy version nvidia 9 series unnumberd card
Storage	1tb solid state hdd
Display(s)	44 inch samsung plasma screen tv/monitor
Case	custom ibm mobile home server case
Audio Device(s)	custom Yamaha sound processing processor in spm format
Power Supply	1200watt deli cord custom made dupont type psu
Software	sun unix/windows type v

System Name	Pandemic 2020
Processor	AMD Ryzen 5 "Gen 2" 2600X
Motherboard	AsRock X470 Killer Promontory
Cooling	CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory	32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s)	ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage	WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s)	ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case	Fractal Define R6 C
Audio Device(s)	Realtek 5.1 Onboard
Power Supply	Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse	Razer Death Adder
Keyboard	Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software	Windows 10 Pro x64

Processor	i7 920
Motherboard	EVGA X58
Cooling	eight 120mm fans, Swiftech GTZ cpu block, 3 120mm radiator, MCP655 pump, primochill tubing
Memory	6 gig G-Skill DDR3 1600
Video Card(s)	GTX 285's (SLI)
Storage	500GB Western Digital
Display(s)	3 Asus 23 in inchers
Case	Lian Li A77B
Audio Device(s)	on board 7.1
Power Supply	Corsair 1000
Software	win 7 64

Processor	AMD Athlon64 3000+ Venice @2.5GHz
Motherboard	Asus A8N-E :(this board limits my cpu overclock ):
Cooling	CPU box, GPU Zalman VF700-Cu
Memory	2x512MB PC3200 @227MHz
Video Card(s)	Sapphire X850XT 256MB PCI-E @ 605/618
Storage	40GB & 120GB Maxtors
Power Supply	Generic 400W
Software	Windows XP Pro SP2 \| Debian GNU/Linux <sarge>

Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

zekrahminator

McLovin

jocksteeluk

New Member

WarEagleAU

Bird of Prey

pentastar111

Shyska

New Member

iLLz

Haytch

Shyska

New Member

beyond_amusia

New Member

Rebo&Zooty

New Member

Davidelmo

New Member

System Name	iLLz-CreaTionZ
Processor	Intel Core i5 6600K @ 4.5 Ghz
Motherboard	Asus Z170-A
Cooling	Cooler Master Hyper 212 EVO
Memory	16GB G.SKILL TridentX DDR4 @ 3000 Mhz
Video Card(s)	eVGA GTX 960 SSC 4GB @ 1287 MHz Core (1400 MHz Boost)
Storage	Corsair Force SSD 240GB; 2 x Seagate 7200.10 320GB RAID 0; 1 x WD 1TB; External Seagate Pro 500GB
Display(s)	Samsung SyncMaster 226BW
Case	DeepCool Tesseract
Power Supply	PCP&C SilentCool 750 Quad Black
Mouse	Logitech G500
Keyboard	Razer DeathStalker
Software	Windows 10 x64 Pro

System Name	_Speedforce_ (Successor to Strike-X, 4LI3NBR33D-H, Core-iH7 & Nemesis-H)
Processor	Intel Core i9 7980XE (Lapped) @ 5.2Ghz With XSPC Raystorm (Lapped)
Motherboard	Asus Rampage VI Extreme (XSPC Watercooled) - Custom Heatsinks (Lapped)
Cooling	XSPC Custom Water Cooling + Custom Air Cooling (From Delta 220's TFB1212GHE to Spal 30101504&5)
Memory	8x 8Gb G.Skill Trident Z RGB 4266MHz @ 4667Mhz (2x F4-4266C17Q-32GTZR)
Video Card(s)	3x Asus GTX1080 Ti (Lapped) With Customised EK Waterblock (Lapped) + Custom heatsinks (Lapped)
Storage	1x Samsung 970 EVO 2TB - 2280 (Hyper M.2 x16 Card), 7x Samsung 860 Pro 4Tb
Display(s)	6x Asus ROG Swift PG348Q
Case	Aerocool Strike X (Modified)
Audio Device(s)	Creative Sound BlasterX AE-5 & Aurvana XFi Headphones
Power Supply	2x Corsair AX1500i With Custom Sheilding, Custom Switching Unit. Braided Cables.
Mouse	Razer Copperhead + R.A.T 9
Keyboard	Ideazon Zboard + Optimus Maximus. Logitech G13.
Software	w10 Pro x64.
Benchmark Scores	pppft, gotta see it to believe it. . .

System Name	Cozad (Asus G60JX)
Processor	Core i5 M 430
Memory	8 GB DDR3 1066
Video Card(s)	nVidia GeForce 360M
Storage	500GB
Display(s)	16 inch LED LCD
Software	Windows 7 Ultimate x64 SP1

Processor	Intel i7 920 @4.20Ghz
Motherboard	Gigabyte EX58 UD5
Cooling	Titan Fenrir
Memory	6Gb Patriot 1600Mhz
Video Card(s)	ATI HD4870 1Gb
Storage	2x250Gb Seagate Barracuda (RAID 0) plus 2B storage
Display(s)	Samsung 22 inch Widescreen
Case	Coolermaster HAF 932
Audio Device(s)	Auzen Prelude 7.1
Power Supply	PCP&P 750W Silencer
Software	Win7 beta