Announcement

Collapse
No announcement yet.

X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    What do you disagree with? Do you read what you paste????

    X Window System was developed at MIT.

    Neither DEC nor IBM was responsible for the development of X-Windows. They mainly supplied the hardware with their software and employees to set up hundreds of terminals and dozens of minicomputers.

    X-Windows, Kerberos, Zephyr were developed at MIT.

    Just because, for example, Microsoft is a platinum member of the Linux Foundation, or that it is one of the founders of the RUST Foundation. Doesn't mean that it is responsible for every line of code.

    And you are trying to shift the responsibility.​

    Are you suggesting they're China or Russia sponsored
    No.

    What I'm suggesting is that there may be more behind some of the 'bugs' in open source than just a mistake.

    ​​
    Last edited by HEL88; 03 October 2023, 03:22 PM.

    Comment


    • #12
      Originally posted by chuckula View Post
      Of only X11 was open source then these bugs could have been found in days instead of decades.
      Yeah, because tools that we have today were present thirty years ago and X11 has wonderful documentation..

      Comment


      • #13
        Come on guys, this must reach at least 10 pages:

        Comment


        • #14
          Originally posted by Volta View Post
          Thankfully there's Open Source software that's ways more secure and verifiable than closed source spying mess.
          100% correct!!!

          That's why it only took 35 YEARS for these vulnerabilities to come to light.

          Comment


          • #15
            Who cares?
            Linux Mint developers and users for sure they don't care about security vulnerabilities.
            Otherwise they will not be everyday with Linux Mint is great, it's fine, they don't need any of the features that KDE Plasma, Gnome has, yada yada.
            I wonder how long will they be able to keep with their fanboysm / fanatism.
            Same for Nvidia users, how a colleague said above.
            Users who defend crap, don't deserve any empathy for their own self-made problems!

            Comment


            • #16
              The sad thing is that stuff like this happens all the time with open source software yet the zealots still cling to their demonstrably incorrect belief that open source is more secure because of the whole "millions of eyes looking at the code" argument.

              The problem is that there's no way of knowing the skill level or the intent of the "millions of eyes" and as anyone that has ever done any coding knows, it can be very tricky to track down a bug that exists accidentally, much less figure out of a vulnerability exists just by looking at code.

              God knows how many other security holes exist in various open source projects.

              Comment


              • #17
                Originally posted by sophisticles View Post
                The problem is that there's no way of knowing the skill level or the intent of the "millions of eyes" and as anyone that has ever done any coding knows, it can be very tricky to track down a bug that exists accidentally, much less figure out of a vulnerability exists just by looking at code.
                Therefore, a Windows desktop is much more stable and reliable than a Linux desktop.

                It's just much better tested under different conditions, on different hardware than a Linux desktop.

                Here there is no place like, for example, GNOME leaking for months.

                Comment


                • #18
                  Seems to me that distros should not be running xorg as root. I can run rootless xorg on Trisquel by removing the graphical login manager (lightdm). This can make it difficult to boot Ubuntu-based distros, but good instructions for configuring them to boot into text/tty are here: https://ubuntuhandbook.org/index.php...mmand-console/

                  I think one solution is to use Gnome with gdm which should automatically bring up a rootless x-session, but I'm using DWM and haven't used Gnome in a lot of years, so I haven't checked.

                  Comment


                  • #19
                    Originally posted by chuckula View Post
                    Of only X11 was open source then these bugs could have been found in days instead of decades.
                    Well, like the article said: that code is sheer terror. Security by obscurity. Not as bad as decompiled Java code, but well...

                    Comment


                    • #20
                      Originally posted by sophisticles View Post
                      The sad thing is that stuff like this happens all the time with open source software yet the zealots still cling to their demonstrably incorrect belief that open source is more secure because of the whole "millions of eyes looking at the code" argument.

                      The problem is that there's no way of knowing the skill level or the intent of the "millions of eyes" and as anyone that has ever done any coding knows, it can be very tricky to track down a bug that exists accidentally, much less figure out of a vulnerability exists just by looking at code.

                      God knows how many other security holes exist in various open source projects.
                      Millions of eyes already told everyone that x11 is a security shithole. That's why everyone should use wayland

                      Comment

                      Working...
                      X