Announcement

Collapse
No announcement yet.

X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by sophisticles View Post
    The sad thing is that stuff like this happens all the time with open source software yet the zealots still cling to their demonstrably incorrect belief that open source is more secure because of the whole "millions of eyes looking at the code" argument.

    to be correct, the actual quote is "Given enough eyeballs, all bugs are shallow." that, di per se, is not wrong.

    In this specific case that code was old and ugly and more or less working and innovation was happening elsewere (wayland), so all the eyeballs were looking somewhere else.

    While I agree with your stance that sometimes people tends to overestimate the number of eyeballs looking to a particular piece of code, the same phenomenon happens with closed software: software engineers are tipically not payed to look and touch old legacy code that works.

    In the end, I think that chances that bugs like these are discovered are sligtly higher with open source software.




    Comment


    • #52
      I've been reading some of the comments, but instead of wasting energy in blaming software and people, try to resolve the issue instead

      To all people who state that even more X.org vulnerabilities were found: Yes that's the case unfortunately, but all software has vulnerabilities and bugs. I'm happy that the he security flaws were found and fixed. Just patch and and move on (which is no more than apt update && apt upgrade or similar in the majority of cases).

      To all the people who state that we need to move to Wayland: Yes I agree that it's the way forward, but moving forward requires time and Wayland is just not ready for prime time for everybody unfortunately (otherwise X.org support would've been removed already). Be patient. In time this move will happen naturally as the developers of the major desktops (Gnome and KDE) are focused on it and fixing bugs almost every day.

      Comment


      • #53
        Originally posted by MadCatX View Post
        Remember guys, Wayland is a bad design, too difficult to support, global shortcuts, screen sharing, middle-button paste, you know the drill
        Don't worry, they'll probably make it usable in the next 20 years or so.

        Comment


        • #54
          I try wayland every year, around the start of the year.

          Two years ago, I lasted 2-3 hours

          Last year, I lasted one day.

          This year, I lasted a week.

          I am hopeful next year maybe, just maybe, I can run wayland and keep running it.

          Comment


          • #55
            Originally posted by ayumu View Post
            I try wayland every year, around the start of the year.

            Two years ago, I lasted 2-3 hours

            Last year, I lasted one day.

            This year, I lasted a week.

            I am hopeful next year maybe, just maybe, I can run wayland and keep running it.

            But the best are the people who use it on their distro because it was set as default and they don't even know it.

            Comment


            • #56
              Originally posted by ayumu View Post
              I try wayland every year, around the start of the year.

              Two years ago, I lasted 2-3 hours

              Last year, I lasted one day.

              This year, I lasted a week.

              I am hopeful next year maybe, just maybe, I can run wayland and keep running it.
              that's not bad! it's around a x10 every year!

              next year is going to be ~ 2months of usage!

              Comment


              • #57
                Originally posted by ayumu View Post
                I try wayland every year, around the start of the year.

                Two years ago, I lasted 2-3 hours

                Last year, I lasted one day.

                This year, I lasted a week.

                I am hopeful next year maybe, just maybe, I can run wayland and keep running it.
                I also started experimenting with Wayland very early, many years ago, while the implementations around it were still in the process of adopting the spec.

                What I experienced one or two times was I had to reset the desktop environment's config files by deleting them, so the new default values, which have changed over the course of time, could activate so things become matching again.

                So if you still have config files from past times, renaming/moving them out of the way might help to unbreak old configs.

                Comment


                • #58
                  I'm posting here just to help to make this thread to reach ten pages!

                  What about Arcan? Nobody talks about it, yet it's a lot more interesting than all this.

                  Comment


                  • #59
                    For God's sake, Wayland never:

                    Think twice about Wayland. It breaks everything! GitHub Gist: instantly share code, notes, and snippets.

                    Comment


                    • #60
                      Originally posted by Nori View Post
                      Yeh probono is infamous for his very technical and grounded knowledge.

                      "Hence, if you are interested in existing applications to "just work" without the need for adjustments, then you may be better off avoiding Wayland."

                      If you're interested in your applications to "just work" on a distro other than Ubuntu or Debian, you may be better off avoiding AppImages.

                      /s

                      Comment

                      Working...
                      X