Comment on Google pays $250K for Linux vulnerability allowing guest VM escapes
Ooops@feddit.org 1 day ago You are right. I don’t know what your personal definition of “security through obscurity” is as it’s very obviously not matching actual reality.
atzanteol@sh.itjust.works 1 day ago
Just google the term next time rather than embarrassing yourself.
Yes, please do.
The actual notion of “security through obscurity” (that will surely come up on Google if their AI bullshittery hasn’t screwed up completely…) for Linux is insane because open source is the polar opposite. The often more unprecise and colloquial usage I thus assumed you were using doesn’t apply either, for the reasons I summarised.
So which imaginary definition of “security through obscurity” are you using when none of the real ones makes any sense?
atzanteol@sh.itjust.works 21 hours ago
OMG.
en.wikipedia.org/wiki/Security_through_obscurity
You don’t know what you’re talking about - please stop. It’s embarrassing. It’s a long-standing industry term not some weird phrase I just made up. Nobody is saying “Linux is obscure”.
helix@feddit.org 16 hours ago
You quoted something directly contradicting what you said. Nothing is concealed, every line of erroneous code could have been analysed for 15 years. All information needed to find the bug was public since it the code has been written and checked in publicly.
How about scrolling up to the exact comment I anwered to? Or -as you seem to be on the exceptional dense side- let me do it for you…
As already explained above I did not expect that statement to use the common “long-standing industry term” because -again- it would be utterly insane to claim security through obscurity for something open source.
clb92@feddit.dk 15 hours ago
That’s literally the opposite of what open source and Linux does. Anyone can see how it works, so they have to have actual security instead of relying on security through obscurity.