Samsung Patching Security Hole Found in Exynos SoCs

Status
Not open for further replies.

azraa

Honorable
Jul 3, 2012
323
0
10,790
3
So what?
Its still better to have it open source, so people can read every last intruction. With other systems we never hear of bugs because probably those are all covered up.

Good to hear they found that mistake, this kind of stuff keeps engineers up to date and more aware at their tasks.
 

InvalidError

Titan
Moderator
Computer-illiterate technology journalists/sensationalists mis-attributing a software design flaw to hardware...

I hate when journalists write about something they clearly have no clue about just for the headline.
 

rantoc

Distinguished
Dec 17, 2009
1,859
0
19,780
0
[citation][nom]azraa[/nom]So what?Its still better to have it open source, so people can read every last intruction.[/citation]

Its both ways - A skilled hacker (not speaking script kiddies here) could with less effort find weaknesses in the open source's code than closed source that requires some additional steps to identify the weaknesses - The same goes the other way. If its open source there are more eyes on the code and thus also more likely to find the weak spots and plug them...

So yeah its both ways when speaking about security!
 

A Bad Day

Distinguished
Nov 25, 2011
2,256
0
19,790
2
[citation][nom]azraa[/nom]So what?Its still better to have it open source, so people can read every last intruction. With other systems we never hear of bugs because probably those are all covered up.Good to hear they found that mistake, this kind of stuff keeps engineers up to date and more aware at their tasks.[/citation]

For example, Citi Bank had a major URL flaw where hackers could simply replace some numbers in the URL and log into random accounts. Then then built an automated number generator/enterer to break into hundreds of thousands of accounts.

The website designer stated that security and features are incompatible.

But no one in the public knew about the flaw, because the bank never revealed it for obvious reasons.
 

house70

Splendid
[citation][nom]rantoc[/nom]Its both ways - A skilled hacker (not speaking script kiddies here) could with less effort find weaknesses in the open source's code than closed source that requires some additional steps to identify the weaknesses - The same goes the other way. If its open source there are more eyes on the code and thus also more likely to find the weak spots and plug them... So yeah its both ways when speaking about security![/citation]
It is both ways, but not equally so - an open-source Linux distro is considered far more secure than other OSes. Even the fact that the CM devs were able to plug the hole faster than Samsung itself speaks for the advantage of open-source.
My first comment was directed at Samsung - looks like they need new blood in their software division.
 

dark_knight33

Distinguished
Aug 16, 2006
391
0
18,780
0
[citation][nom]A Bad Day[/nom]For example, Citi Bank had a major URL flaw where hackers could simply replace some numbers in the URL and log into random accounts. Then then built an automated number generator/enterer to break into hundreds of thousands of accounts.The website designer stated that security and features are incompatible.But no one in the public knew about the flaw, because the bank never revealed it for obvious reasons.[/citation]

That's still highly irresponsible. With all of the website hacking going on, a flaw like that could expose millions of people to theft and fraud. Something Citi would eventually be found negligent for. OTH, if Citi had used OSS, a hole of that magnitude would likely have been found and fixed before the code ever went live. OSS will always be more secure, and fixed faster than close source.
 

mouse24

Splendid
[citation][nom]A Bad Day[/nom]For example, Citi Bank had a major URL flaw where hackers could simply replace some numbers in the URL and log into random accounts. Then then built an automated number generator/enterer to break into hundreds of thousands of accounts.The website designer stated that security and features are incompatible.But no one in the public knew about the flaw, because the bank never revealed it for obvious reasons.[/citation]

If no one in the public knew about it than how do you know about it?
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS