“Have you ever wondered how your vendor knows that a new
exploit is out and that they should patch the offending package and
issue a security fix?”
“Most of the time in the past, Unix (and Linux) vendors were
playing a dangerous game of catch up with the crackers. When
someone was broken into or attacked, they would try and figure out
how the cracker got in, and work backwards to find a patch that
would keep them out. As you can well imagine, this wasn’t a very
useful way to do things. Often you had to wait until a large number
of systems were attacked by a particular exploit before you could
track down the problem. Then, you would have to wait for your
vendor to make a fix available.”
“When Linux first came on the scene, you got a slight bit of
improvement, in that enterprising hackers didn’t have to wait for
the vendor to come up with a fix, but could instead create their
own from the code. Kernel bugs (like the ping-of-death attack) were
fixed particularly quickly due to easy access to the source code.
Of course you were still playing catch up to the crackers, because
there needed to be some evidence of the attack so you could fix the
problem in the code. Also, since Linux was rapidly evolving, there
were lots of bugs that could be exploited until things
stabilized.”