Comment on Google pays $250K for Linux vulnerability allowing guest VM escapes
atzanteol@sh.itjust.works 2 days agoJust google the term next time rather than embarrassing yourself.
Comment on Google pays $250K for Linux vulnerability allowing guest VM escapes
atzanteol@sh.itjust.works 2 days agoJust google the term next time rather than embarrassing yourself.
Yes, please do.
The actual notion of “security through obscurity” (that will surely come up on Google if their AI bullshittery hasn’t screwed up completely…) for Linux is insane because open source is the polar opposite. The often more unprecise and colloquial usage I thus assumed you were using doesn’t apply either, for the reasons I summarised.
So which imaginary definition of “security through obscurity” are you using when none of the real ones makes any sense?
atzanteol@sh.itjust.works 2 days ago
OMG.
en.wikipedia.org/wiki/Security_through_obscurity
You don’t know what you’re talking about - please stop. It’s embarrassing. It’s a long-standing industry term not some weird phrase I just made up. Nobody is saying “Linux is obscure”.
helix@feddit.org 2 days ago
You quoted something directly contradicting what you said. Nothing is concealed, every line of erroneous code could have been analysed for 15 years. All information needed to find the bug was public since it the code has been written and checked in publicly.
How about scrolling up to the exact comment I anwered to? Or -as you seem to be on the exceptional dense side- let me do it for you…
As already explained above I did not expect that statement to use the common “long-standing industry term” because -again- it would be utterly insane to claim security through obscurity for something open source.
clb92@feddit.dk 2 days ago
That’s literally the opposite of what open source and Linux does. Anyone can see how it works, so they have to have actual security instead of relying on security through obscurity.