back to article Die-hard bug bytes Linux kernel for second time

The Linux kernel has been purged of a bug that gave root access to untrusted users – again. The vulnerability in a component of the operating system that translates values from 64 bits to 32 bits (and vice versa) was fixed once before – in 2007 with the release of version 2.6.22.7. But several months later, developers …

COMMENTS

This topic is closed for new posts.
  1. K. Adams
    Alert

    ** Sigh **

    This is what happens when you develop an operating system that purports to work "the same" across multiple architectures: It doesn't.

    By looking at the code for both the bug and the exploit, they each appear to be heavily x86-32/x86-64 dependent.

    I would venture that there is a high degree of probability that this bug/exploit combination does not exist, for example, in versions of the Linux kernel developed and compiled for IBM's midrange (AS/400 / System i / System p) and mainframe (S/390 / System z) iron, in versions of the kernel developed to work on Cell-based parallel processing systems, or in versions compiled against SPARC machines.

    This leads me to believe that it is perhaps the x86-32/x86-64 architecture that is at fault, at some lower level, for not properly securing access to 32-bit facilities provided by 64-bit processors. This kind of bug could **conceivably** be used to compromise Linux-based x86 hypervisors, by allowing an intruder to context-switch out of the virtual machine and into the host OS.

    Granted, the fact that a regression of this magnitude was re-introduced into the Linux kernel is regrettable, but it isn't difficult to understand how such a mistake can be made, given the kernel's rather heterogeneous target audience. No one person, or group of persons, can be an expert on all of the different processor architectures supported by the Linux kernel.

    1. Displacement Activity

      No frickin title

      "This leads me to believe that it is perhaps the x86-32/x86-64 architecture that is at fault, at some lower level, for not properly securing access to 32-bit facilities provided by 64-bit processors".

      I have a different suspicion, having just written (with some difficulty) a device driver that runs on i686("x86_32")/PAE. It turns out that, on x86, a significant portion of the driver core was written specifically on the x86_64 branch, completely separately from mainline x86. It wasn't back-ported, and x86_32 has significant problems, particularly if you're on PAE. This is made much worse by the fact that the 'documentation' and the relevant book are several years old, and talk extensively about features which the reader assumes will exist on any current kernel, but which in fact didn't work on the most common port at the time, and still don't.

      In short, I'd be surprised if the processor is the problem here. Linux is my preferred OS, but it's obvious that there are significant management failings in the kernel development.

    2. No, I will not fix your computer
      FAIL

      But....

      You're assuming that IBM/SunOracle by default would be "safe" by virtue of being different, this is an argument from obscurity, in reality the is more scruitiny of x86/x64 because of the availability and number of installations so issues are more likely to be found, these less common architectures aren't somehow magic. I would concur that this particular bug/exploit/weakness probably doesn't exist (byte order might, for example affect it), but that doesn't mean there isn't something unique to these architectures that x86 doesn't have.

      The "heterogeneous target" excuse is also faulty, for example, the 10 year old bug in SPARC Solaris that allowed direct root login using telnet was re-introduced into Solaris 10, OK telnet is old hat and probably not active on most Solaris 10 installs, but it's just a well publicised example.

      1. K. Adams
        Boffin

        Being different

        > You're assuming that IBM/SunOracle by default would be "safe" by virtue of being different...

        In this case, yes. Given an examination of the code, there seem to be a considerable number of explicit references to x86-32-specific and x86-64-specific registers and features (%rax, %eax, %ecx, %edx, %rsp, etc.), which would obviously not exist on POWER or SPARC architecture CPUs.

        > The "heterogeneous target" excuse is also faulty, for example, the 10 year old bug in SPARC Solaris that allowed direct root login using telnet was re-introduced into Solaris 10

        I disagree on this point. telnet is an application, and so is not inherently architecture-dependent at the source-code level.

        The x86-32/x86-64 call stack translation subsystem, being a hardware-oriented component of the Linux kernel specific to the x86 architecture, **is** architecture-dependent at the source-code level. This makes it very likely that this bug would not be reproduced in Linux kernels compiled against other CPU types.

  2. Steen Hive
    WTF?

    You know the noise "facepalm" makes?

    *Thunk*

    1. Tom Maddox Silver badge
      Joke

      Sort of

      That's really more of a *headdesk*.

  3. xj25vm

    Title

    "This is true, but the existence of vulnerabilities like these are a big deal in corporate, government and educational environments, where Linux is a mainstay. "

    Well, I find the above flattering to the Linux community. Which is great. But can it be supported with some proof? Wouldn't something like "where Linux has a significant user base" or "where Linux is deployed in significant numbers" been a more defensible position?

    1. Anonymous Coward
      Flame

      Linux IS A Mainstay

      Deutsche Börse - leading derivatives platform - soon all Linux

      Google - all Linux

      Facebook - all Linux

      CERN - leading end-the-world-fear-attractor/Master Proton Smasher - all Linux

      Android - Linux

      countless faceless devices like DSL routers - Linux

      Even though the financial sector has the money to buy from IBM and MS, they have discovered that it makes much more sense to go with the Google approach (hire smart and expensive people, use Linux and other FOSS).

      Adobe, MS and Oracle demonstrated this year that their ability to adapt and fix problems is comparable to the ability of a slug to cross a highway. Eventually they will make it.

      Linux fixes exploits in two days, normally. Now somebody fixed Adobe's crap with a hex editor. They don't manage even though they have the source. I guess their developers don't have time for that because they busily update their "personal performance metrics and professional development" Excel sheet. If they are not held up by a "global business intelligence meeting". Or by fixing their Visual SourceSafe code-fermentization&decomposition facility.

      I once worked for Quark, and they did use VSS.

      1. Anonymous Coward
        Anonymous Coward

        @Strongtype

        Can you cite a few sources for your linux use? I know for a fact that Google are pretty heavy Windows users, their servers may well be linux, but do you remember the rather large hack from China earlier in the year?

        1. Anonymous Coward
          Linux

          CERN and Other Scientific Linux Users

          http://blog.internetnews.com/skerner/2008/09/large-hadron-collider---powere.html

          http://linux.web.cern.ch/linux/scientific5/

          https://www.scientificlinux.org/

          In General

          http://en.wikipedia.org/wiki/Supercomputer

        2. Anonymous Coward
          Go

          Google and Linux

          AFAIK, all servers at Google are Linux. I interviewed with them and Windows was never asked about. But questions like "how do you kill a process if the max number of processes is executing" ?

          http://en.wikipedia.org/wiki/Google_platform

          http://www.cs.wpi.edu/~cs4241/2000d/class11.pdf

          http://rakaposhi.eas.asu.edu/f02-cse494-mailarchive/msg00138.html

          http://video.google.de/videoplay?docid=3526134640911302384&q=google+cluster+site:video.google.com&total=579&start=0&num=10&so=0&type=search&plindex=0#

          http://uwtv.org/programs/displayevent.aspx?rid=2879

        3. Anonymous Coward
          Linux

          Facebook & Linux

          http://www.sysadminslife.com/linux/facebook-ein-blick-hinter-die-kulissen-und-in-das-komplexe-system/

        4. Anonymous Coward
          Anonymous Coward

          Tokio Stock Exchange

          http://www.golem.de/1003/74009.html

        5. Anonymous Coward
          Linux

          Deutsche Börse & Linux

          http://blogs.computerworld.com/14637/linux_powers_worlds_fastest_stock_exchange

          http://customers.redhat.com/2010/03/03/deutsche-boerse-red-hat-mrg-case-study/

          http://www.computerwoche.de/software/software-infrastruktur/1904146/

        6. Tom 13

          @Fraser: Don't need a source, just a brain.

          Given the kind of computing power needed to do the indexing Google does to support as many users as Google does, if they were paying MS for even a significant minority of their servers, MS would be a far more profitable company than it is.

        7. Stephen Bungay

          Some sources of Info...

          @ Fraser

          As I understand it the hack attack on Google was not their public search engine servers et all but against the corporate infrastructure, i.e. the network of desktop machines used in the corporate offices. See http://techcrunch.com/2010/01/12/google-china-attacks.

          Google has also been reported to be kicking Windows to the curb in its corporate infrastructure. See

          http://www.zdnet.com/blog/btl/google-dumps-windows-is-microsofts-os-headed-down-a-troubled-path/35212

          for more on that one.

          1. Anonymous Coward
            Anonymous Coward

            Err...

            @Tom - I do have a brain, my brain says to me that the hack of Windows machines that was plastered all over the Internet a few months ago suggests that Google are Windows users. I made no statement suggesting that they are exclusively Windows users, which would be idiotic as they are obviously heavy Linux users. Many companies run heterogeneous networks, it's very rare to find companies which use a single OS/Hardware platform.

            @Stephen - Thanks for the serious reply...

  4. frymaster

    "valid account on the machine" is stretching things a bit

    let's say your linux PC is a mail server, and it scans incoming mail for viruses. Let's also say there's a bug with the archive tool you use, meaning a malformed archive can be used to execute code on the machine (it's happened)

    congratulations, you now have a "valid account on the machine" and can use this exploit. see also: anything that manipulates images, and a malformed image, etc. etc. etc.

    you don't need to have SSH access; you just need to be able to run commands on the machine

  5. Cyfaill
    Linux

    linux kernel

    Grows and changes every three-ish months.

    Not to diminish this as having significance, but the Linux kernel is the largest software project on earth... it is always changing... that kind of makes it a moving target as far as exploits are concerned.

    Currently it is at 2.6.35.x I think. The system is inherently safe anyway.

    1. K. Adams
      WTF?

      Inherently wha?

      > The system is inherently safe anyway.

      Huh?

      Not sure what you mean by that... No computer operating system, application, or platform can be called "inherently safe" unless it was specifically designed for safety from the ground-up. Very few general-purpose, consumer- and commercial-grade operating systems and platforms fall into this category.

      Telco-grade Class 4 (4ESS) and Class 5 (5ESS) circuit switching equipment, certain automated railroad signalling systems, some types of industrial control equipment, and various medical device control systems fall may fall into the "inherently safe" category, but your home or office PC, even if it runs Linux, most assuredly does not.

      I'm an ardent GNU/Linux supporter, and have been using it almost exclusively as my OS of choice for the better part of 10 years now (none of my home PCs run Windows or Mac OS X). Even so, I would be foolhardy if I trusted it to be "inherently safe."

      While I do believe that GNU/Linux-based operating systems are **safer** in many ways than Windows and Mac OS X, I have seen my share of GNU/Linux boxes crash-and-burn (figuratively) because of poor configuration, lackadaisical patching, improper oversight, and yes, even the not-so-occasional bugs (both new and regressed).

    2. bazza Silver badge
      Jobs Horns

      Duh?

      > The system is inherently safe anyway.

      Urrrrm, not.

      You're not related to Steve Jobs are you?

    3. K. Adams
      Boffin

      General purpose, inherent safety

      To clarify my earlier position: That is not to say that general-purpose computing systems with inherent safety don't exist. They do; they're just not very common.

      One general-purpose computer design that **may** be considered "inherently safe" -- if properly implemented -- is a so-called "Harvard architecture" machine. This type of computer has physically separate data and code (program) buses and memories, so data can't grow to overwrite code, and code can't grow to overwrite data. The IBM ASCC/Harvard Mark I was the basis for this type of design. Modern examples of this kind of architecture include embedded systems based around AVR (Atmel Corp) and PIC (Microchip Technology, Inc.) microcontrollers.

      1. AOD

        RE: General purpose, inherent safety

        There have been some more general purpose examples of "Harvard architecture" machines, one example was the souped up StrongARM cpu released for the Acorn RiscPC.

        I remember at the time a number of apps/utilities falling over as their self-modifying code tricks would no longer work (one legit use was executables that would self decompress and run back when hard drive space was a lot pricier).

        I don't know if any of the subsequent ARM designs continued to make use of this or not.

        1. Charles 9

          To answer your question...

          The ARM7 is von Neumann; the ARM9 is Harvard.

          Just-In-Time Compilation is a modern case which Harvard architectures can't handle, either. Basically, any program that builds or modifies code to be executed on the fly (IOW, a program that necessarily blurs the code/data divide) cannot work in a Harvard architecture.

      2. Anonymous Coward
        FAIL

        Nope

        Your Stack is still unprotected, as the program *must* be able to change it. It is a bit more complicated, but still possible. Stack smashing does not necessarily include injecting machine code.

        Simple Example:

        there is a

        int exec_shell(char* cmd);

        function. All you have got to manage is to put "rm -rf /" on the stack, change the return address to the function above and you are set to delete the whole file system of that machine (assuming it is a root process).

        This is just one of the simple examples, btw.

      3. foederati
        Boffin

        Harvard architectures are not guaranteed-secure

        Just because the data and code memory sections do not overlap does not mean it is impossible to attack a Harvard architecture machine. While they make it much less likely to *accidentally* break the machine by overwriting code, it is still possible to use code that already exists to form programs. For instance, appropriately changing function return addresses to take you into very specific parts of known libraries, then forming those bits of known code into programs.

        For reference, see "Code Injection Attacks on Harvard-Architecture Devices" by Francillon and Castelluccia at the 2008 ACM Computer and Communications Security Conference. You might also be interested in looking into return oriented programming, e.g. "The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)" by Hovav Shacham at CCS 2007.

        1. K. Adams
          Boffin

          Conditionals

          > Just because the data and code memory sections do not overlap does not mean it is impossible to attack a Harvard architecture machine.

          I never indicated that attacking a Harvard architecture machine was impossible. I indicated that Harvard machines may be considered "inherently safe," depending on implementation.

          Hence the " **may** be considered 'inherently safe' -- if properly implemented " bit.

          It should be kept in mind that some of the more modern Harvard architecture machines are microcontrollers in embedded systems, which are (generally) more readily hardened against code infiltration and code rewriting attacks, by virtue of requiring the chip containing the software to be physically removed and mounted in an EEPROM programmer to modify the programs stored within.

          However, even this level of protection only gets you so far. Not even a Harvard machine will stand up to a highly sophisticated attack, if the attacker can gain access to the processor's address and data buses, divert the bitstreams to an external system for processing and analysis, then inject specially-crafted data back into the system.

          A given system can therefore only be considered "inherently safe" with regard to the purpose for which it is designed. A microcontroller implementation which is suitable for telco use, and considered "inherently safe" by the telecom industry, may not be suitable for running a nuclear missile launch control system. The device is thus "inherently safe" for one application, but not another.

    4. some vaguely opinionated bloke

      what version?

      "... the Linux kernel is the largest software project on earth... it is always changing... that kind of makes it a moving target as far as exploits are concerned."

      Yes indeed, if all existing installations are patched or upgraded as soon as the new version is available.

      What percentage of installations still use the original vulnerable kernel? What percentage use the first fixed kernel? What percentage use the second vulnerable kernel? What percentage are going to be patched today with the fixed fixed kernel?

      How many users (home or business) actually upgrade the kernel every three-ish months?

      It might be a moving target, but if it's a mile long it takes a minute to pass through your sights at 60mph... plenty of time to get quite a few shots off...

      1. Keith Williams
        FAIL

        title, I don't need no frackin' title

        1/2 mile @ 60mph=1/2 minute

      2. ejmarkow

        Patch Promptly Applied

        > Yes indeed, if all existing installations are patched or upgraded as soon as the new version is available.

        Patch applied and kernel upgraded.

        [ejm@Galicja ~]$ uname -a

        Linux Galicja 2.6.36-rc4-git3-ARCHMOD #1 PREEMPT Fri Sep 17 13:17:59 CEST 2010 x86_64 Genuine Intel(R) CPU 575 @ 2.00GHz GenuineIntel GNU/Linux

        It was a cake walk!

        > How many users (home or business) actually upgrade the kernel every three-ish months?

        I upgrade almost every time a significant patch comes along, and that can be once per week.

    5. ejmarkow

      Current Linux Version

      > Currently it is at 2.6.35.x I think.

      Actually, as of today (Friday, September 17, 2010), the current version is:

      Linux Kernel 2.6.36-rc4-git3 (includes the patches for the most recent exploit)

      I just downloaded applied the patch, compiled and installed it on my box.

      [ejm@Galicja ~]$ uname -a

      Linux Galicja 2.6.36-rc4-git3-ARCHMOD #1 PREEMPT Fri Sep 17 13:17:59 CEST 2010 x86_64 Genuine Intel(R) CPU 575 @ 2.00GHz GenuineIntel GNU/Linux

  6. cor
    Linux

    Yawn....

    Maybe we should just make the kernel 'closed source' and then no-one would ever know about vulnerabilities.

    Amazing how the cliky-clicky brigade gets all horny when a weakness in Linux is exposed.

    Get a life. :)

    1. Antidisestablishmentarianist
      Flame

      Awwww

      is the poor little linux boy getting upset because someone is getting a taste of the same medicine every other OS gets when a fault is found.....

      Be careful getting off your high horse - it's a long way down.

      1. JEDIDIAH
        Linux

        A Bug versus a Virus.

        > is the poor little linux boy getting upset because someone is

        > getting a taste of the same medicine every other OS gets

        > when a fault is found.....

        It's not the same "medicine" at all.

        When Windows has a problem it's usually much more meaningful and real malware is released to the wild and people's systems actually get infected. The architecture of the system makes a bug like this far less dangerous.

        Local root exploits are as old as Unix and predate Linux entirely.

      2. kissingthecarpet
        Gates Horns

        its a legitimate point

        No, the point he's making is that other OS's try to hide their crap code by keeping it secret.

        By the way, if you have no strong views on the CofE being established or not, then your handle is a bit sad. I think I've made a similar point to you in the past. You do know what your handle refers to, I presume?

        My handle, however, refers to something that I do frequently, one way or another.

    2. CapitalW

      [Imagine catchy title here]

      Being closed source hasn't kept Windows vulnerabilities from being made public..... Malware developers don't let a simple license clause making it illegal to disassemble code slow them down.

      No matter what the OS, there will be vulnerabilities; even the old VIC-20 and C64 had their weak spots that would render them useless permanently.

      I prefer using Linux over any other OS, but don't operate under a delusion that it is 100% safe. Among the reasons I am such a fan of Linux and other open source software is that I love to play around with the code under the hood.

    3. Wize
      WTF?

      Being open source...

      ...shouldn't this have been found and patched ages ago?

      Oh wait, it was.

  7. Anonymous Coward
    Thumb Down

    Linux fans

    "No doubt, Linux fans will be quick to point out that the bug can be exploited only by those with a valid account on a targeted machine in the first place."

    This Linux fan tells you that it's a valid point, no matter you try to bashing it. Do you want to discuss the Print Spooler privilege escalation bug on Windows XP? I'm asking it because the existence of vulnerabilities like these are a big deal in corporate, government and educational environments. Sigh...

    Are the Windows "news" of critical bugs boring nowadays?

    1. Anonymous Coward
      Alert

      Someone help me out here

      ...but is there even coverage on privilege escalation issues inside Windows?

      I don't think there was any to-do being made after this Defcon presentation (http://vimeo.com/14581715) and, unless I missed something, there isn't any current defense against the escalation exploits much less "fixes".

      Maybe I'm off base with that statement. I know the guys had practiced their demo, I know they could break into lots of things - including Linux - but the way they described what they were doing with Powershell appeared to indicate that there was a huge hole allowing you to do pretty much whatever you wanted once you authenticated.

  8. Tom Chiverton 1
    Flame

    Gee

    Gee, thanks Red Hay. Nice one.

  9. Anonymous Coward
    Anonymous Coward

    Largest? Really?

    RE: t"he Linux kernel is the largest software project on earth."

    I've never heard that before, is it true or just something that seemed cool to write?

    1. Tim Parker

      Re : Largest? Really?

      "I've never heard that before, is it true"

      No. The latest release (2.6.35) has about 13.5 million lines of (non-documentation) code in it however, so it is quite substantial.

      " or just something that seemed cool to write?"

      Probably.

      1. Daren Nestor

        Or is it?

        If you think of the number of developers working on it, and the length it's been running as well as the code size, it might well qualify

      2. Anonymous Coward
        Grenade

        Jeez...

        That's some serious bloatware. No wonder they keep finding these bugs. Let's hope it never really goes mainstream or we could be in some big shit,.

  10. captain_solo
    Boffin

    Open = Secure?

    Its an operating system. Bugs are part of the process, as are security vulnerabilities. Fortunately the Unix/Linux/Mac world is built on an inherently secure foundation (which is why in almost every corporate, government, and education environment some distant relative of BSD System V has a significant installed base) and why these vulnerabilities are rarely seen in the wild - it still happens and part of the inherent security is the relatively small adoption among non-technical users. Windows might be more vulnerable indeed, but its vulnerability is heightened by the large numbers of users not regularly patching, and not using security software which the OS developer says is needed, its part of their security strategy like it or not. I don't think Linux is the second coming of anything, but this is just one of those things that happens during the process, not worth going all chicken little about.

    1. tropic_elf
      WTF?

      Inherently secure

      Mr/Ms/Mrs/Dolphin captain_solo, it would really help your case if you didn't just *say* that unix-clones are inherently secure, but also provided some *evidence* of this Inherent Security.

  11. Homard
    Grenade

    Sounds like a code fork BORK

    All multideveloper code has forks all over the place.

    Something has happened to allow this bug back in to the codebase. The question is what ? Across the board the fact that this is not a frequent issue indicates the codebase management tools are pretty good.

    Sheesh I can't even manage my own projects properly ! Or maybe I just can't program very well.

    Who am I to criticise ?

    1. sT0rNG b4R3 duRiD
      FAIL

      FAIL

      Yes, this is indeed a problem

      We should not look at *JUST* the bug but *HOW* it was allowed to happen and try and put safeguards against such a future recurrence.

      Human beings will always make mistakes but we should try and minimize them.

      One cannot deny this was sloppy.

      However, one should look at the positive side of it. The bug currently in question was found and reported because someone out there could look at the source. And there are people out there constantly looking at it. It is definitely a plus that we can do this.

      Who knows how many bugs remain hidden in, for example, windows because it is still closed?

  12. Anonymous Coward
    Anonymous Coward

    we think a measured WTF is in order.

    Is this official El Reg policy?

    1. some vaguely opinionated bloke
      WTF?

      furthermore,

      ... what is the accepted unit of WTF with which it should be measured?

      (icon is apt though not in the way originally intended)

      1. Wize

        You'd need to define a unit of WTF-age

        Something small like the bunny with a pancake on its head.

  13. Anonymous Coward
    Pirate

    Security By Obscurity Helps !

    I know the argument that SBO does not work. But imagine you had all the source code of a bank. From the RAID controller up to the internetbanking software. Only passwords and data memory contents would be a secret.

    A dedicated hacker would find a way into that in a couple of weeks, completely undetected. He could even set up a demo system and perform lots of fuzzing.

    The same applies to NSA, GCHQ or BND. All you had to do would be to push out the Virus/Worm over an unencrypted SATCOM system and inject it right into their collection system. I assume this would actually be a quite direct link to Mr Obama's computer. After all, he is a consumer of that intel.

    Security By Obscurity makes it impossible (or rather "improbable" ?). Please sleep well.

    1. amehaye
      FAIL

      Re StrongType

      Someone is *wrong* on the Internet. Right now, that someone is you.

      1. Peter Jones 2
        Thumb Up

        Actually...

        Little of column A, little of column B.

        SBO as the only security implementation is doomed to fail. But, if StrongType means that implementing SBO *in addition* to other sceurity practices is a good idea, well, it kind of is.

        There is a reason safe doors are opaque and not transparent. It's a lot easier to crack the thing if you can see all the moving parts.

    2. Anonymous Coward
      Happy

      Nice!

      I love a bit of comedy SciFi with my breakfast.

      Cheers!

    3. max allan
      FAIL

      Wrong on so many levels...

      What makes you think a dedicated hacker couldn't find his way into a SBO system in a couple of weeks?

      The same time spent poring over the source code can be sent doing an awful lot of "random" packet injection.

      In an open system, the "cleverest" person wins. If he's on your side you're going to beat the hacker. As soon as he notices the flaws he tells you and you close them.

      In an SBO system, if someone does get in undetected, nobody else is looking at it to tell you where your flaws are, you're never going to know.

      Look at the number of software products out there with licence restrictions that "cracks" are available for to see how often closed source is defeated.

  14. Anonymous Coward
    Troll

    Now all we need...

    is some conspiracy theorist alleging that Mr. Roland McGrath from RedHat has ties to the NSA...

    1. Anonymous Coward
      Joke

      I've heard that Mr. Roland McGrath...

      of Redhat has ties to the NSA. Anyone else heard that?

    2. FuzzyTheBear
      Black Helicopters

      Flies Black helicopter too !

      He is :) RedHat is a NSA full undercover outfit with ties with the FBI

      Oh .. throw in Linus Torvalds included the code back in cause that allows the NSA to get in and out your box as they please and all of a sudden we have a tin foil hat crowd ready for more.

      It's for the people's own good. Oh .. and ElReg ( while at it ) also supports fully Interpol and MI-5

      by sending them all your comments ... Your suspicion something's odd will land you in Guantanamo. See you there :)

      lol

  15. Anonymous Coward
    Boffin

    @Larget Software Project

    The 5,000 or so people who worked on 100m lines of Lucent 5ESS code beg to differ or at least compete.

    Linux is only the biggest in terms of number of developers and other contributors working on it. In lines-of-code terms its relatively small.

    IMO, whole distributions such as Redhat, Debian, or Mandrivia as FOSS "Projects" can be considered far larger with their close to billions of LOC and tens of thousands of contributors work being pulled in.

    1. Anonymous Coward
      Anonymous Coward

      Brian, is that you?

      Or Ken, or Dennis?

  16. Michael H.F. Wilkinson Silver badge

    My code-base is bigger than yours

    arguments seem a bit petty. Adding pointless LOC is only too easy, whereas keeping something small and functional is an art in itself. Yes I was proud of the 150kLOC I wrote for an image processing system, but more proud that it could easily be ported, and worked in less than 640kB of memory (MS-DOS-days).

    I would be far more proud if I could create a fully functional kernel with half the LOC of the current Linux kernel. The point is I cannot,of course ;-)

  17. Ocular Sinister
    FAIL

    Unit test?

    Now, I know its boring to do, but why don't they write automated test cases for bugs as they get fixed. Fair enough, they had a bug and it got fixed. Not fair enough that it was re-introduced - that was avoidable by following some simple processes like refusing to accept the patch without a corresponding automated test.

  18. Trevor_Pott Gold badge

    Squirrel!

    As above.

    (Might make sense if you watch the daily show.)

  19. Anonymous Coward
    Gates Halo

    The Word For Today Is.........

    I am inherently pleased the posts on this subject have not resorted to the inherent tendency to overuse the adjective inherent.

    This appears to be inherent in a lot of posts you read these days. Particularly with regard to security and it's inherently important role in operating systems.

    For example the, incorrect, assertion that the Linux kernel is inherently safe.

    I for one am inherently glad that inherent and it's friend, intrinsic, are not being used incorrectly by people just to make them sound clever.

  20. Magnus_Pym

    Wow. Turns out peer review works.

    Who knew?

  21. Anonymous Coward
    Anonymous Coward

    @ Magnus_Pym

    Actually it seems that peer review in this case is the cause of the problem:

    A problem was found and fixed: Yay! for peer review.

    However the problem was then regressed back in: Boo! for whatever review system failed here.

    The problem was not looked for again because it had already been found* and fixed: Boo! for peer review.

    Now, we all know these things are rife in Windows code but that should make it even less likely to happen in the open source world.

    *I assume when you basically ask people to look for bugs with no real direction then it is human nature to only look for something new and interesting rather than invest your precious free time in looking at something that has already been "found". Although as I have no programming abilities I have no involvement in the linux bug searching process so I don't know how it works.

  22. Anonymous Coward
    FAIL

    Disappointing...

    that El Reg didn't mention once again that Ubuntu is the most popular distro and soon to take over the world. Bit of a fail there, a break from policy and all that.

    The assertion that Red Hat has ties to the NSA and others is ridiculous. Having a former Joint Chiefs Chair as Board Chair at Red Hat is only coincidental and portends nothing along that line. One should have explicit trust in a Joint Chiefs Chair as it is nearly the highest political office in the land - the Homeland, that is. Not the Fatherland or the Motherland - but the mother of all lands - The Motherland.

    That fist up your rear as you move through the airline terminal is proof that the Generals have made the Homeland safe against all enemies - real or imaginary.

  23. Anonymous Coward
    Linux

    Nice Little Graph

    http://en.wikipedia.org/wiki/File:Operating_systems_used_on_top_500_supercomputers.svg

    Bottom Line: Linux has already won in the datacenter. With Android, it attacks PCs from below. Mr Ballmer will have a hard time sandwiched like this.

    Actually, Penguins eat other animals, despite looking so cute...

    1. Anonymous Coward
      Anonymous Coward

      @Strongtype

      Supercomputing is a tiny aspect of datacentre and one which the vast majority of companies have no use for. You may as well say that because z/OS runs on pretty much all Mainframes that it has won in the datacentre. This ignores other platforms - VMS, Windows, Tandem, Commercial UNIX, BSD UNIX all of which are still used in datacentre, Windows and Unix in massive numbers.

      1. Anonymous Coward
        Stop

        Agreed

        - this graphic is about Supercomputing. Still, from what I see in all sorts of high-speed, high-troughput applications in the *commercial* datacenter, Linux is winning. Frankfurt, Tokio, NYSE to some unknown extent, Google Search Engine, Facebook all on Linux.

        Countless other systems in Finance on Linux. Almost all new development is now done on Linux in the financial industry (talking of the datacenter). Only the little Excel hacks and strange departmental Access database happen on Windows.

        There still are quite a few mainframe systems (MVS, VMS, Tandem etc) in operation, but most new systems are done in Linux/C++ (for the most demanding systems) or on Linux/Java (for less demanding requirements). As soon as programmers have understood how they have to map the workload on hundreds of cheap Linux PCs, the mainframe becomes an incredibly expensive option. Windows server is also much more expensive, if you multiply CPUs with the license cost. In addition, Linux comes with ssh/bash out of the box while you have to buy lots of strange stuff for Windows server if you want to administer a huge cluster. And then, develop some more strange stuff in C++ yourself to just operate/administer the cluster.

  24. Anonymous Coward
    Linux

    Linux In The Financial Industry

    http://customers.redhat.com/category/industry/financial-services/

  25. Henry Wertz 1 Gold badge

    Kernel updates not uncommon

    @some vaguely opinionated bloke, re: what percentage will upgrade the kernel.. probably a fairly large percentage. Kernel updates are part of the usual updates on most distros -- not just haphazzardly upgrading to the latest and greatest (except on the likes of gentoo ~x86, or debian current heh..) but porting bug fixes and especially security patches back to whatever kernel that distro shipped with and shipping out an update. I can't speak for all distros, but the tendency for a lot of distros is to even continue releasing security updates for older versions that are otherwise unsupported.

    I would venture some don't even notice when the kernel updates -- there are places where the version number is shown but it's a minor digit update, for instance my Mini 10 (with Ubuntu 8.04 netbook edition) went from 2.6.24-24-lpia to 2.6.24-27-lpia. Easy to not even notice since it's 2.6.24 either way 8-).

    ----------

    Regarding the kernel bug being thrown in twice... as a big Linux fan, I'll make no excuse for this, frankly it's rather embarrasing that they managed to fix a security bug then reintroduce it. All I can say is it shows everyone is human 8-). I guess it didn't affect me since none of my systems are running 64-bit kernels 8-).

  26. John Smith 19 Gold badge
    Boffin

    Biggest software project on the planet?

    Well I'd that *might* be one made for the biggest institutions on the planet.

    The Indian Railway system.

    The Chinese Army

    The British National health Service.

    The Indian Railway timetabling and booking system is meant to be *pretty* big and of course various bits of the NHS system are certainly costly (not sure how much of them was written from *scratch* however)

    Does anyone know if the Chinese Army run any bespoke software?

  27. Cyfaill
    Linux

    Largest software project ever - yes

    I see that perhaps a bit of help in understanding what I wrote:

    http://www.youtube.com/watch?v=L2SED6sewRw

    It is the largest... hundreds of companies supply code which potentially make it into the kernel.

    I stand by what I say... what make it inherently safe is the active participation of those who use it.... trying to make it perfect... no, it can't be done, but the continual effort brings to the development a tenacious and durable code which make it a tough and capable product which represent the best efforts of some of the most clever software people alive.

    Flame on, but it is the truth, Linux is the collective effort of a massive broad and diversified interests from around the world. Linux dominates because it is that good. It is in thousands of uses all over the world.

  28. fskmh
    Linux

    Hello grsec

    "No doubt, Linux fans will be quick to point out that the bug can be exploited only by those with a valid account on a targeted machine in the first place."

    Nope, but I'd like to point out that this doesn't work on a grsec-patched kernel (just tried it on 2.6.34.6-grsec). Let's see you preempt that one.

  29. sisk
    Coat

    It's still news

    I'll just point out that this made the news. Bugs of this nature on certain other OSes ceased to be front page matieral decades ago.

    Mine's the one with the custom rolled Debian live CD in the pocket.

  30. Anonymous Coward
    Alien

    linux != linux

    Man, funny how many people can't wait to push some large companies forward who are using "linux". See; google uses it so... Yes, google uses linux. But what people always forget to mention is that they hacked it beyond recognition. Most companies don't use "linux" as we know it; they merely adopted it as a foundation.

    1. sisk
      Linux

      Still Linux

      Yes they've hacked the hell out of it. The fact that you can do that is one of Linux's greatest strengths. Don't believe me? Try to do it using Windows as a starting point.

      Besides, you're wrong. Android is quite recognizable as Linux. I can't speak about the data centers but I'd imagine the same is true of them.

  31. Anonymous Coward
    Go

    Why Windows Can't Compete

    Using a Unix Computer is done by actually a kind of ASCII-based programming:

    Say you want to know who accessed the file MyFirstGo.html on you web server. On Unix you just Command The Computer using ASCII:

    $ grep MyFirstGo.html /var/log/apache2/access.log |cut -d " " -f1|sort|uniq|xargs -l1 nslookup|grep "name ="

    53.112.74.212.in-addr.arpa name = e1-1.ns500-1.ts.milt.as9105.net.

    10.197.11.217.in-addr.arpa name = isgservices.frankfurter-softwarefabrik.de.

    40.124.105.78.in-addr.arpa name = 78-105-124-40.zone3.bethere.co.uk.

    27.48.46.80.in-addr.arpa name = 80-46-48-27.static.dsl.as9105.com.

    176.213.92.84.in-addr.arpa name = wbucknall.force9.co.uk.

    216.4.16.86.in-addr.arpa name = client-86-16-4-216.pete-bam-1.pete.adsl.tesco.net.

    What would you do on Windows ? Yeah, get your credit card ready, shell out 500 dollars to buy a "web analytics" tool with a nice clicky-clicky GUI. Three days later you have a little bit different problem. What do you do ? Pull again the credit card out of the pocket ??

    Windows is doomed because the metaphor that users are dimwits who can only click on pictures is an insult to anybody's intelligence. The MS CTO already realized that Google is the "internet command line". He meant it derogatory, but it is exactly the truth, just in the way MS does not want it to be.

This topic is closed for new posts.