Reply to post:

Hidden Linux kernel security fixes spotted before release – by using developer chatter as a side channel

Anonymous Coward
Anonymous Coward

Indeed. But that does make it very worrying as to what extent are the capable baddies going to be able to leverage this? If it’s doable routinely then it can’t be ignored.

What I think we’ll have to have is immediate disclosure of faults. It might be better to switch off rather than stay operating but vulnerable. For system operators, that would be a pain in the arse, and the answer then would be to be able to switch OSes at a drop of a hat. Or switch db engines in an instant. Or web servers. You’d be taking the chance that two OSes don’t have a zero day unfixed for an overlapping period. Or go closed source.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021