
"Month of Kernel Bugs" Project Head Interviewed

An anonymous reader writes "November has been labelled the 'Month of Kernel Bugs' in security circles. The Month of Kernel Bugs began on November 1, with the publication of a vulnerability in Apple's AirPort drivers. SecuriTeam blogs did an interview with LMH, who hosts the project."

  • Apple flaw? No. (Score:1, Interesting)

    by Anonymous Coward on Saturday November 11, 2006 @01:07PM (#16806120)
    What they found was actually a general flaw in wireless drivers that comply with the Wi-Fi standard. Why do self-appointed security experts always seem to have to find something wrong with Apple (and incorrectly) to prove their mettle?
  • by gmack ( 197796 ) <gmack@noSpAM.innerfire.net> on Saturday November 11, 2006 @04:41PM (#16807618) Homepage Journal

    Well for starters Linux isn't the only kernel with bugs [theaimsgroup.com]. I'm not slamming OpenBSD but it was a very quick example.

    The kernel of any OS is a very complicated piece of code and bugs can be very subtle and hard to spot. You have a wider range of inputs than other pieces of software and at the same time you have a large array of hardware and BIOS to interface and they all have potential bugs of their own.

    I've gone through bug reports to try and understand what goes wrong and how it's fixed. Those programmers are very good at what they do and I've seen even the best and most secure coders introduce bugs.

  • by Kadin2048 ( 468275 ) <.ten.yxox. .ta. .nidak.todhsals.> on Saturday November 11, 2006 @07:01PM (#16808804) Homepage Journal
    I probably should have been more clear -- I wasn't implying that OpenBSD or any other kernel has fewer bugs than Linux; I haven't reviewed the code so I can't say that. However, regardless of which OS or kernel we're talking about, if people are recognizing and fixing bugs silently, and disguising or obscuring their patches, then it makes it very hard to get an idea of how many bugs are actually there, and at what rate they're being fixed.

    It was more the practice of silently or clandestinely fixing bugs, without pointing out that the bug was there even after it's fixed, that seems like it's a problem. It means that contributions are going into the kernel tree that aren't well understood except by the person who's submitting them, or at least that's the impression that I get.

    It's really that -- not-well-understood patches being submitted and accepted -- which I think is an issue. The relative merits of Linux vs OpenBSD isn't a can of worms I wanted to open up, except in how their processes for reviewing and accepting code differ.
