Webmaster rambling and mental notes
Home | Profile | Archives | Friends
Linux's Security Through Obscurity
7/17/2008

An unsigned reader writes "The age-old full apostolic debate has been raging again, this time in no other place than at the foundations of the open-source flagship GNU/Linux overhead system: within the Linux kernel itself. It beggars belief, but even Linux creator, Linus Torvalds, has advocated against the sort of openness on which Linux has thrived, arguing that safety fixes to the kernel should be obscured in changelogs, saying "If it's not a very public pledge issue already, I don't want a simple 'git log + grep' to help find it." Unfortunately, it's not kernel exploit writers who need to grep the changelog in order to find kernel vulnerabilities. On the contrary, it's downstream distributors who rely on changelog dope* in order to decide when to patch the kernels of their distributions, in order to keep their users safe."

Read more of this story at Slashdot.


More: - Brought to my attention by

Mark

Share |
(Posted in Nerd)
Share and enjoy
  • Digg
  • del.icio.us
  • blinkbits
  • BlinkList
  • BlogMemes
  • blogmarks
  • DZone
  • Fark
  • Furl
  • Netvouz
  • NewsVine
  • Reddit
  • Slashdot
  • Smarking
  • Spurl
  • StumbleUpon
  • Taggly
  • Technorati
  • YahooMyWeb
Post Comment

Notify me of followup comments via e-mail.

Entry 1 of 6209
Last Page | Next Page