FSF Issues Statement On Shellshock Bash Vulnerability


  • #41
    Originally posted by Rallos Zek
    I am serious, I love having the same command line environment and tools/utils between operating systems.
    Well here's the thing about that.... all the shells are portable across any UNIX or UNIX-Like OS, including BSD's tcsh and my personal favorite zsh, further as long as you're using the shell utilities in a POSIX compliant fashion as opposed to relying upon GNUisms then the userland is transparent and will work basically the same on any *nix you sit yourself down in front of, at least for what the GNU userland covers vs BSD or whatever.



    • #42
      It seriously hurt to read that nasty political propaganda posed as a "press release about a major security bug".

      I think that all of two sentences were actually dedicated to the bug itself...

      This is why I can't stand the FSF. I appreciate GNU and the tools they give us, but the FSF is just extremely annoying, and sorta useless...



      • #43
        Originally posted by OneTimeShot
        In general higher-level languages would fix a lot of things (heart bleed was a read buffer overrun). In this case: no. It's all down to being sloppy in how input was validated and parsed and used. They just passed an environment variable to the bash scripting engine in a vain hope that it wouldn't execute anything...
        Theoretically in a higher-level language, strings coming into the program from the outside could be a different type than normal (trusted) strings. I am however not aware of anyone doing this with existing languages/libraries.

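The idea raised in post #43, sketched as an added example that is not part of the original thread: external input gets its own type and can only reach a child process's environment after passing an allow-list. The names `Tainted`, `SAFE_VALUE` and `build_child_env` are hypothetical, and the sample values are constructed.

```python
import re

class Tainted:
    """A string that arrived from outside the program (hypothetical type).

    Deliberately not a str subclass: it cannot be concatenated, formatted,
    or placed into a child environment until it passes validate().
    """
    __slots__ = ("_raw",)

    def __init__(self, raw: str):
        self._raw = raw

    def __str__(self):
        raise TypeError("Tainted value used as text; call validate() first")

    def __repr__(self):
        return f"Tainted(<{len(self._raw)} chars>)"  # never echoes the content

    def validate(self, allowed: re.Pattern) -> str:
        """Return a plain str only if the whole value matches the allow-list."""
        if allowed.fullmatch(self._raw) is None:
            raise ValueError("untrusted value rejected by allow-list")
        return self._raw

# Assumed allow-list: no parentheses, braces, semicolons or quotes get through.
SAFE_VALUE = re.compile(r"[A-Za-z0-9 ._/:,+=-]{0,256}")

def build_child_env(trusted: dict, untrusted: dict) -> dict:
    """Build the environment for a child process such as a shell script."""
    env = {}
    for name, value in trusted.items():
        if not isinstance(value, str):
            raise TypeError(f"{name}: trusted values must be plain str")
        env[name] = value
    for name, value in untrusted.items():
        if not isinstance(value, Tainted):
            raise TypeError(f"{name}: external input must be wrapped in Tainted")
        env[name] = value.validate(SAFE_VALUE)
    return env

if __name__ == "__main__":
    # Constructed sample inputs, as a CGI-style front end might receive them.
    ok = build_child_env({"PATH": "/usr/bin:/bin"},
                         {"HTTP_USER_AGENT": Tainted("curl/7.38.0")})
    print(ok)
    try:
        build_child_env({}, {"HTTP_COOKIE": Tainted("() { x; }; y")})
    except ValueError as exc:
        print("rejected:", exc)
```

The type only helps if every entry point wraps its input; a value that looks like a function definition is rejected here because parentheses and braces are outside the allow-list, not because of any Shellshock-specific pattern.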


        • #44
          sudo apt-get update && sudo apt-get upgrade

          Universe re-centred. Equilibrium achieved. I almost blinked at this non-event! *check phone* Yep, still straight.

          I'm off for a spot of coffee and fresh air to try to digest Tony Abbott's latest *triumph* against humanity (hint, it's security related). Who's coming, before the air too is terrorised?
          Hi



          • #45
            Originally posted by Daktyl198
            This is why I can't stand the FSF. I appreciate GNU and the tools they give us, but the FSF is just extremely annoying, and sorta useless...
            The "sorta useless" GNU is probably the reason why Linux has conquered the embedded, server, and mobile worlds. The GPL has forced upstream contribution from countless parties, leading to the most flexible operating system (or "kernel" depending on your point of view) we've ever had. It even competes decently with proprietary Unixes in terms of reliability and performance. The BSD license would not have been able to do this: just look at how little Apple has contributed back to open source.

            I really enjoyed their press release! "Politics" is of course the whole point of the free software movement, and this was a great opportunity to remind everyone of this point.

            And an important opportunity for defence: Microsoft and Apple very often have press releases blaming the free software concept for security concerns with free software, and Microsoft and Apple have much more money for getting their FUD across. So, anytime free software gets some attention, we should remind everybody what we're here for: giving people control over their machines.



            • #46
              As for quality of tools: any program which is big enough is doomed to contain some bugs. Realistically speaking, all modern systems which are anyhow usable would be large enough to contain various bugs, including bugs which could cause security problems. So if your code exceeds several KiBs, it is likely to have bugs. Everyone who says otherwise is either a moron or just a shameless liar.

              So realistically speaking, all BSDs, Linuxes and virtually any OSes used these days contain bugs. Some of these bugs can be really nasty. Then, some unpopular programs or systems can get fewer bug reports. However, it does not necessarily mean there are fewer bugs. It could also mean nobody reports these bugs. So IMO, bold statements like "some system is secure" are unproven to say the least, unless they're talking about a system which is powered off and not connected to nets.



              • #47
                Originally posted by Daktyl198
                FSF is just extremely annoying, and sorta useless...
                Sure, e-parasites do not welcome e-DDT because it makes their lives harder. But someone needs to teach eParasites a lesson on attitude and symbiosis and Stallman is one who actually caused it, via creation of GPL.

                Look, when academic people work for business guys, this is warmly welcomed by business. But when academic people dared to take some sources from commercial systems, they were sued to the hell. Yes, I'm talking about the occurrence where BSD people were sued by AT&T. GPL looks like a really nice thing to prevent such kinds of attitude. And looking at Linux it appears it works very well. So now many corporations joined their efforts to develop rather than file lawsuits. Something that BSDs were not able to achieve ever.



                • #48
                  Originally posted by emblemparade
                  The "sorta useless" GNU is probably the reason why Linux has conquered the embedded, server, and mobile worlds. The GPL has forced upstream contribution from countless parties, leading to the most flexible operating system (or "kernel" depending on your point of view) we've ever had. It even competes decently with proprietary Unixes in terms of reliability and performance. The BSD license would not have been able to do this: just look at how little Apple has contributed back to open source.

                  I really enjoyed their press release! "Politics" is of course the whole point of the free software movement, and this was a great opportunity to remind everyone of this point.

                  And an important opportunity for defence: Microsoft and Apple very often have press releases blaming the free software concept for security concerns with free software, and Microsoft and Apple have much more money for getting their FUD across. So, anytime free software gets some attention, we should remind everybody what we're here for: giving people control over their machines.
                  I couldn't agree more, I love GNU/Linux, Free Software and the GPL.



                  • #49
                    Seems fair to me. People using the GPLv3 versions of bash have the warranty of being able to fix the bug. People using older versions haven't, and if they can't upgrade, this bug might go as far as render their locked hardware useless. Turning this bug into a titanic case for choosing the GPLv3 is a good move from the FSF.



                    • #50
                      Originally posted by Luke_Wolf
                      Yeah this is my feeling on this too. To be honest this is another reason I'm seriously evaluating BSD, I want to get away from the GNU userland because it was written by an ideologue (Richard Stallman) who couldn't care less about code quality as opposed to just serving his own personal ideology which means that crap like this is going to happen all the more often vs alternative software, and you get nonsense like his breaking how su is supposed to work because he wants anyone with root password to have full rights.
                      there's always OS X. =)

