On 23/10/14 05:18, Karthikeyan A K wrote: > Who know how many shell shock Microsoft hides? And how many of it is known > by NSA? Who cares? I don't use Microsoft so it's not my concern.
I use Linux, that's my concern. It's naive to believe that FOSS is somehow magically safe because many eyes can see the code. Only if many eyes bother to look at the code, will they find the holes. How difficult do you think it is for certain agencies to pay /exert infulence on contributors to write in security holes? In my view, these recent finds are the tip of the iceberg. Either you accept that "all your machines are belong to us", whichever OS you are using, or you start auditing code. I have a polish friend who is an OpenBSD contributor, he often makes smug comments at me about the fact that I run the Linux kernel on my machines. He often says "they're are some funny things in there". _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc ILUGC Mailing List Guidelines: http://ilugc.in/mailinglist-guidelines
