Linux Today: Linux News On Internet Time.

Linux.com: Designed for Uncertainty

Apr 27, 2000, 03:23 (8 Talkback[s])
(Other stories by Matt Michie)

"Reports began to appear April 14th of a apparently deliberate back-door in a piece of Microsoft web software called FrontPage. The reports specified that the back-door password was "Netscape engineers are weenies!". Open source advocates fell all over themselves with glee. This was finally the big black eye they were waiting to give Microsoft! Conclusive evidence that security through obscurity does not work, and that open source software was superior.

"...Of course the next day, after some background and fact checking, it was revealed that the Microsoft back-door wasn't as bad as was originally reported. Further, ten days later a security firm found a what could be considered a back door in Red Hat Linux. Ironically, the bug was in a piece of web software. The security advisory states, "The GUI portion of Piranha may allow any remote attacker to execute commands on the server. This may lead to remote compromise of the server, as well as exposure or defacement of the website."

"Wait a minute. Doesn't Red Hat 'theoretically' stand behind the code they ship? How could this back door have been inserted into Open Source code? Didn't Mr. Raymond say that this couldn't happen to Linux? What do all the pundits who were railing against Microsoft's security holes have to say about this? Is there a double standard when it comes to reporting Microsoft? In this situation, the Linux press, such as Slashdot, are looking more like a sick imitation of what ZDNet used to be. Why is it 'evil' when Microsoft FUDs Linux, but 'advocacy' when Linux sites FUD Microsoft?"

Complete Story

Related Stories: