And here is an irreverent summary of what getting involved developing and using Linux is all about...

Grab your beer and nibbles and enjoy the irreverent but thoughtful fun:


Youtube: "Linux Sucks" - 2014

Bryan Lunduke
Recorded live at LinuxFest Northwest on April 26th, 2014

(Note, also includes irreverent language.)



Is that really how the world of GNU/Linux is put together?!

Amazin' it all works as well as it does! ;-)



Can also simply be used for free of cost and freedom of use.

IT is very much what we make it!
Martin


The "Bazaar" reference is to:

esr's The Cathedral and the Bazaar

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

Another *nix issue - shared memory not secured.
http://phys.org/news/2014-08-hacking-gmail-percent-success.html

They demonstrated the hack in an Android phone.

The researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested. Among the apps they easily hacked were Gmail, CHASE Bank and H&R Block. Amazon, with a 48 percent success rate, was the only app they tested that was difficult to penetrate.

---

Gary, martin reminds me of the movie The wizard of OZZ. remember when Toto opend the curatain on the fake wizard? And then we herad the booming voice say, PAY no attention to the man behind the curtain!!
What ever you say Bad about Linux we get the same response.

---

[/quote]

Old James

Imagine, Linux hits Antarctica! :)

---

rOZZ
Music
Pictures

What ever you say Bad about Linux we get the same response.

Yes, I know. This time however allowing one unprivileged application to see another applications data, can only be a kernel fault. As described it sounds much more like a design flaw rather than a simple bug. As such it would have been there since version zero. A very long time for all those eyeballs to be looking at it and not seeing it and fixing it.

---

http://www.datamation.com/open-source/can-commercial-linux-gaming-succeed-1.html

Linux games have always been one of the goals of free software. If game developers could only be persuaded to develop for Linux, the daydream goes, the operating system would start to gain serious market share. The last few years have lent hope to the dream, but the progress remains slow -- so slow, in fact, that its realization is starting to look questionable.

---

http://www.datamation.com/open-source/can-commercial-linux-gaming-succeed-1.html

Linux games have always been one of the goals of free software. If game developers could only be persuaded to develop for Linux, the daydream goes, the operating system would start to gain serious market share. The last few years have lent hope to the dream, but the progress remains slow -- so slow, in fact, that its realization is starting to look questionable.

While that OS remains so fragmented on so many different levels and taking up less than 2% (currently 1.67% of the main stream computer market and in a dozen different flavours) can anyone really wonder why the gaming industry won't take it seriously?

Cheers.

http://www.datamation.com/open-source/can-commercial-linux-gaming-succeed-1.html

Linux games have always been one of the goals of free software. If game developers could only be persuaded to develop for Linux, the daydream goes, the operating system would start to gain serious market share. The last few years have lent hope to the dream, but the progress remains slow -- so slow, in fact, that its realization is starting to look questionable.

While that OS remains so fragmented on so many different levels and taking up less than 2% (currently 1.67% of the main stream computer market and in a dozen different flavours) can anyone really wonder why the gaming industry won't take it seriously?

Cheers.

I think you can replace "gaming" with the name of any industry and still have a valid statement.

---

http://www.datamation.com/open-source/can-commercial-linux-gaming-succeed-1.html

Linux games have always been one of the goals of free software. If game developers could only be persuaded to develop for Linux, the daydream goes, the operating system would start to gain serious market share. The last few years have lent hope to the dream, but the progress remains slow -- so slow, in fact, that its realization is starting to look questionable.

While that OS remains so fragmented on so many different levels and taking up less than 2% (currently 1.67% of the main stream computer market and in a dozen different flavours) can anyone really wonder why the gaming industry won't take it seriously?

Cheers.

I think you can replace "gaming" with the name of any industry and still have a valid statement.

In a majority of cases you'd be very right Gary. ;-)

Cheers.

OMG! A 155mm just hit! I'm shellshocked!! Is today April 1st by chance?

Shellshock

OMG! A 155mm just hit! I'm shellshocked!! Is today April 1st by chance?

Shellshock

100% of *nix machines can be taken over. My, *nix is just like doze.

<ed>http://money.cnn.com/2014/09/24/technology/security/bash-bug/

This flaw has been around for as long as 20 years.

20 years?!!! Where are those millions of eyeballs!!!

All BS and the truth comes out. *nix is just like every other computer program ever written. Buggy and full of fatal flaws.

---

OMG! A 155mm just hit! I'm shellshocked!! Is today April 1st by chance?

Shellshock

100% of *nix machines can be taken over. My, *nix is just like doze.

<ed>http://money.cnn.com/2014/09/24/technology/security/bash-bug/

This flaw has been around for as long as 20 years.

20 years?!!! Where are those millions of eyeballs!!!

All BS and the truth comes out. *nix is just like every other computer program ever written. Buggy and full of fatal flaws.

OMG! Another 155mm. I'm shellshocked! Who would have thought this from the unhackable operating system that hit the world?

I suppose that *nix will eventually be secure when man lands on Mars.

OMG! A 155mm just hit! I'm shellshocked!! Is today April 1st by chance?

Shellshock

100% of *nix machines can be taken over. My, *nix is just like doze.

<ed>http://money.cnn.com/2014/09/24/technology/security/bash-bug/

This flaw has been around for as long as 20 years.

20 years?!!! Where are those millions of eyeballs!!!

All BS and the truth comes out. *nix is just like every other computer program ever written. Buggy and full of fatal flaws.

OMG! Another 155mm. I'm shellshocked! Who would have thought this from the unhackable operating system that hit the world?

I suppose that *nix will eventually be secure when man lands on Mars.

They tried to fix, and failed!
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Those eyeballs must be getting tired!

But how do you fix the internet of things? Does every thing manufacturer have to issue a recall so the ROM chip can be replaced?!!! Billions of $$$$$ And we thought the Target POS attack via an air conditioner was bad!

---

But how do you fix the internet of things? Does every thing manufacturer have to issue a recall so the ROM chip can be replaced?!!! Billions of $$$$$ And we thought the Target POS attack via an air conditioner was bad!

You can't because those bleary-eyed *nix gurus are tired from all that Windows/Apple bashing that they can't see the code on their screens...

...maybe if they remove those rose-tinted glasses, they might see better.

But how do you fix the internet of things? Does every thing manufacturer have to issue a recall so the ROM chip can be replaced?!!! Billions of $$$$$ And we thought the Target POS attack via an air conditioner was bad!

You can't because those bleary-eyed *nix gurus are tired from all that Windows/Apple bashing that they can't see the code on their screens...

...maybe if they remove those rose-tinted glasses, they might see better.

And I love it they "bash" Apple, because it is *nix! It just has a capital U not lower case li.

---

OMG! A 155mm just hit! I'm shellshocked!! Is today April 1st by chance?

Shellshock

100% of *nix machines can be taken over. My, *nix is just like doze.

<ed>http://money.cnn.com/2014/09/24/technology/security/bash-bug/

This flaw has been around for as long as 20 years.

20 years?!!! Where are those millions of eyeballs!!!

All BS and the truth comes out. *nix is just like every other computer program ever written. Buggy and full of fatal flaws.

OMG! Another 155mm. I'm shellshocked! Who would have thought this from the unhackable operating system that hit the world? ...

Hilarious comment! Thanks for the guffaws!!

And also an interesting hysterical hit on the news! Linux hits the world news big time!!!


For some of the numbers being quoted of there being some impending meltdown for as many as 500 000 000 servers and total calamity for the internet... How did Linux make it so big so quietly?!

And for the reality?

That is rather a bad old bug, but also one where there has to be other vulnerabilities exposed first. For the huge expanse of attack surface that bash exposes, I've never knowingly left it exposed for any of my systems. To open up bash to the untrusted internet is simply foolhardy!

Hence... This one will be interesting to see unfold. Hopefully there is more bluster than actual blow-up.


The systems I run are already updated and none had bash exposed externally in any case and certainly not on the various web servers.

Regardless, a good wake up and some fantastic publicity!


Linux hits the world indeed!!

IT is what we make it...
Martin

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

Well that's two this year...

Heartbeat & Shellshock. What's the third?

...blown away by WinAp(ple]

The systems I run are already updated and none had bash exposed externally in any case and certainly not on the various web servers.

Are you sure?
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

---

The systems I run are already updated and none had bash exposed externally in any case and certainly not on the various web servers.

Are you sure?
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

You sure love to poke and gloat... You sure you're not one of those... Ya know... Those unmentionables... One of those ... Auditors?

;-)


Sorry to disappoint you:

bash/ChangeLog

... security bump for CVE-2014-7169 (bug #523592)...
... Security bump (bug #523592). Fixed environment handling command injection (CVE-2014-6271)...



Now... With your Auditor's nose and claws:

What do you find for such as the server software for Microsoft and Apple?...



IT is what we allow it to be,
Martin

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

Now... With your Auditor's nose and claws:

What do you find for such as the server software for Microsoft and Apple?...

I'm less worried about Microsoft or Apple but very worried seeing this...

"The new bug has turned the spotlight, once again, onto the reliance the technology industry has on products built and maintained by small teams often made up of volunteers."

Maybe it's time for MS & Apple fanboys to turn the tables on *nix fanboys for the cause of all the Trojans, Malware, Spyware, Adware caught from accessing servers on the Internet which as you so correctly point out to us are operated using some form of Linux and as seen, possible due to a 20 year old bug.