Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Problems Are Primarily Just Bugs, Linus Torvalds Says (iu.edu)

Posted by msmash on from the things-Linus-says dept.

Linus Torvalds, in his signature voice: Some security people have scoffed at me when I say that security problems are primarily "just bugs." Those security people are f*cking morons. Because honestly, the kind of security person who doesn't accept that security problems are primarily just bugs, I don't want to work with. Security firm Errata Security has defended Linus's point of view.

3 of 272 comments (clear)

  1. Re:Security problems are NOT just bugs by Dog-Cow · · Score: 5, Informative

    Linus's context is entirely in terms of the kernel. If you ignore that, you write comments that are complete non-sequiturs.

  2. Here's a more complete discussion of the issue. by mspohr · · Score: 5, Informative

    https://www.theregister.co.uk/...

    --
    I don't read your sig. Why are you reading mine?
  3. Re:All data security is through obscurity by Opportunist · · Score: 5, Informative

    When we talk about security by obscurity we mean that the way of how the security is produced is obscured. Not that a certain secret, a key, has to be kept secret to use it.

    PGP contains a private key, this is not what obscurity means in this context. What obscurity means is when the basic algorithm used to produce the encrypted result is not open to a public audit.

    The key is secret. Not the lock. Big difference.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.