Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Students find 44 Unix flaws
www.silicon.com ^ | December 17, 2004 | Robert Lemos

Posted on 12/17/2004 9:24:48 AM PST by CyberCowboy777

December 17, 2004

Students of iconoclastic computer scientist Daniel Bernstein have found some 44 security flaws in various Unix applications, according to a list of advisories posted online.

The flaws, which range from minor slip-ups in rarely used applications to more serious vulnerabilities in software that ships with most versions of the Linux operating system, were found as part of Bernstein's graduate-level course at the University of Illinois at Chicago.

The advisories regarding the flaws were dated Wednesday and can be found on the website of student James Longstreet. Bernstein, a professor of computer science at the university, did not immediately respond to inquiries about the vulnerabilities.

The latest crop of security flaws comes two days after a software-testing company announced that it had found 985 flaws in the latest Linux kernel during the past four years using the company's analysis software. While the number seems high, the company said it is far lower than the number associated with most commercial software.

(Excerpt) Read more at software.silicon.com ...


TOPICS: Editorial; Extended News; Miscellaneous; Your Opinion/Questions
KEYWORDS: computersecurity; flaws; linux; lowqualitycrap; security; unix; windows
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-80 ... 101 next last
Security research suggests Linux has fewer flaws December 14, 2004

By Robert Lemos Staff Writer, CNET News.com

The Linux operating system has many times fewer bugs than typical commercial software, according to an upcoming report.

The conclusion is the result of a four-year research project conducted by code-analysis company Coverity, which plans to release its report on Tuesday. The project found 985 bugs in the 5.7 million lines of code that make up the latest version of the Linux core operating system, or kernel. A typical commercial program of similar size usually has more than 5,000 flaws or defects, according to data from Carnegie Mellon University.

http://techrepublic.com.com/5100-22_11-5490241.html

1 posted on 12/17/2004 9:24:48 AM PST by CyberCowboy777
[ Post Reply | Private Reply | View Replies]

To: ShadowAce

Ping


2 posted on 12/17/2004 9:27:33 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CyberCowboy777
I had to do a double-take as I thought this was posted by Bush2K!

BTW, Thanks for the pings on the vote brouhaha. Maybe we should organise a FReep here in Spokane? Any thoughts?

3 posted on 12/17/2004 9:28:45 AM PST by BullDog108 (Know Your Enemy! http://bvml.org/webmaster/enemy.html)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BullDog108
It is Friday.. a good O/S dustup might be fun.

Spokane? I am in SW, but the idea is good. If you post a thread with your idea I'll ping everyone to it. I know we have some great FReepers in the Spokane area.
4 posted on 12/17/2004 9:36:42 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Swordmaker

ping


5 posted on 12/17/2004 9:41:50 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CyberCowboy777
It is Friday.. a good O/S dustup might be fun.

LOL! In that case I'll go make some popcorn. I am a non-partisan in this issue ;^)

As far as a Spokane FReep goes, let's wait until they steal the election. I do not know why, but I have not lost faith in Rossi becoming governor. A lot rests on the lawsuit filed today.

6 posted on 12/17/2004 9:43:37 AM PST by BullDog108 (Islamists are Insane! http://bvml.org/webmaster/islam.html)
[ Post Reply | Private Reply | To 4 | View Replies]

To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...

Unix Security Ping!


7 posted on 12/17/2004 9:44:40 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BullDog108
I figure if they add the 570+ from King County Rossi will lose.

Penguin Zealots vs. MS Zombies

Mac user with small market share complex and MS users in denial.

Unix Admins keeping to themselves - they just ain't no fun.
8 posted on 12/17/2004 9:48:39 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Golden Eagle

Are ya happy now?


9 posted on 12/17/2004 9:48:54 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 7 | View Replies]

To: CyberCowboy777

So whom should we blame for this, George Bush or Bill Gates? Sure is a tough call.


10 posted on 12/17/2004 9:53:53 AM PST by Squawk 8888
[ Post Reply | Private Reply | To 1 | View Replies]

To: CyberCowboy777

MS rules, Unix sucks...oh wait, Unix rules, MS sucks..Mac who?
(I've a split personality, as I do both Unix and MS, with a bit of Open VMS thrown in just because I'm a masochist)


11 posted on 12/17/2004 9:53:58 AM PST by stylin_geek (Liberalism: comparable to a chicken with its head cut off, but with more spastic motions)
[ Post Reply | Private Reply | To 8 | View Replies]

To: stylin_geek
LOL!

My bread and butter is MS, but we also support Netware and AS/400.

I am looking at a 12-inch G4/1.2GHz iBook for home and have a Gateway 9300 Pro with Ubuntu.

My main gaming box is a 2500+ 333FSB (OC'ed to 3000+ 400FSB) with XP Pro.

12 posted on 12/17/2004 10:01:13 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 11 | View Replies]

To: CyberCowboy777

Well, thanks to open source I bet the flaws are being addressed as we speak. Unlike MS who know about security problems for months without taking action, until the next batch of security patches are released.


13 posted on 12/17/2004 10:09:57 AM PST by KoRn
[ Post Reply | Private Reply | To 2 | View Replies]

To: CyberCowboy777

Yeah, my bread and butter is MS, too. I forgot that I do some AS/400 (gag, cough, gasp) also. I have yet to work with Netware, although I'd like to.


14 posted on 12/17/2004 10:17:32 AM PST by stylin_geek (Liberalism: comparable to a chicken with its head cut off, but with more spastic motions)
[ Post Reply | Private Reply | To 12 | View Replies]

To: CyberCowboy777

Only 44?


15 posted on 12/17/2004 10:32:47 AM PST by Beckwith (John, you said I was going to be the First Lady, as of now, you're on the couch . . .)
[ Post Reply | Private Reply | To 1 | View Replies]

To: KoRn
I am sure that the issues will be resolved and new issues will come up. Especially as MS loses market share.

Not a bad showing for Unix, but not really a surprise either.

Of course I still can't play Half Life 2 on a Unix station.

16 posted on 12/17/2004 10:33:54 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Beckwith
Not suprising, Unix is pretty tight.

And we can play The Dungeons of Moria!


17 posted on 12/17/2004 10:38:00 AM PST by CyberCowboy777 (Zip it Hippie! - http://www.casualconservative.com/)
[ Post Reply | Private Reply | To 15 | View Replies]

To: CyberCowboy777

When you build a new operating system 20 to 40 years after those that have been accepted as standards (for better or worse), I would hope that the fresh start would mitigate the problems associated with legacy operating systems such as Windows and Unix.

There still is nothing that runs better, cleaner and freer of problems than the many version of IBM's mainframe operating system which has basically run the economy since 1967/1968..


18 posted on 12/17/2004 10:40:01 AM PST by Beckwith (John, you said I was going to be the First Lady, as of now, you're on the couch . . .)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
I didn't realize the brass buzzard was still around. I figured his grant from microsoft ran out.
19 posted on 12/17/2004 10:40:51 AM PST by zeugma (Come to the Dark Side...... We have cookies!)
[ Post Reply | Private Reply | To 9 | View Replies]

To: CyberCowboy777
I'd be interested in if any of these "flaws" are remote exploits, local exploits, or just some "flaws" in programming style.
20 posted on 12/17/2004 10:47:51 AM PST by zeugma (Come to the Dark Side...... We have cookies!)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-80 ... 101 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson