Comments on: Exploit code released for Nvidia flaw
Rapid7, which says it discovered the flaw in the Linux graphics driver, says risk goes back to 2004.
Most Popular
Latest tech news headlines
- Microsoft to plug critical IE hole targeted by exploit code
December 3, 2009 12:59 PM PST
- CNET News Daily Podcast: Bing eyes Apple turf
December 3, 2009 12:47 PM PST
- Time shows off tablet-size version of Sports Illustrated
December 3, 2009 12:32 PM PST
- See all headlines
RSS Feeds
Add headlines from CNET News to your homepage or feedreader.
More feeds available in our RSS feed index.
- Markets
Related quotes
As Linux deployment grows, you fanboys on your high horses will realize that you are actually riding a mule.
I'd run, because there ain't enough asbestos for you, my friend. Logic doesn't fly around here, it just attracts the religious and brainless on both sides of the aisle.
See the inevitable comments below...
How do you remember to breathe?
If this was opensource, the problem would have been identified a very long time ago by someone, and it wouldn't take months, but just a few hours to fix it
I would call this an abuse of trust that needs consequences, not a major linux problem since the problem isn't the kernel.
BTW newsreader, I kept my response to explain to you as short as possible to make it clear where the real problem lies, you never know when you have to reboot your windows security nightmare again
Or, as the story explains...
>> "It is our opinion that Nvidias binary driver remains an unacceptable security risk..."
But, say... wasnt that, sort of, exactly... why so many OSS-supporters were so adamant about condemning the inclusion of such "closed-source code" into the core of the "Linux" ecosystem, just a little while ago..?
Of course... "NVIDIA" is trying to down-play the problem...
"NVIDIA" says theyre.., "...comfortable with the processes it has in place, despite the publication of the proof-of-concept exploit code".
Nonetheless, ONLY "*nix" users running "closed-source binaries", for "NVIDIA" hardware... are at risk, in this instance. And, though, I really like "NVIDIA" products, and would hope that the "Linux" driver-model will be quickly reworked to address this type of, potential, issue... this clearly highlights one of the real-problems with allowing "black-box" modules in ANY computer-software environment...
...the end-user is at the mercy, whims, and goals, of whoever holds the actual keys to their system.
My conclusion:
"Closed-source" - GOOD for a few businesses (usually for the wrong reasons)... generally BAD for the consumer (for the PAINFULLY-OBVIOUS reasons).
Well... thats my opinion, anyway.
- X11 driver, not Linux
- by cabdriverjim October 18, 2006 3:32 PM PDT
- The way I read the information it seems pretty clear the flaw is in the X driver code which renders glyphs (text, symbols, etc). Which means this almost certainly affects all operating systems running X with nvidia's proprietary binary-only drivers. Not a Linux issue at all, really.
- Like this Reply to this comment
-
(8 Comments)It looks like this problem may be fixed in the 9625 beta drivers, also.
In any case, this underscores why proprietary drivers (and software in general) are a very bad thing. The problem has been known about for quite some time yet users who are forced (some newer cards don't work with 'nv') to use the proprietary driver are helpless to solve the problem. Aside from buying another vendor's video card, that is. But there really aren't many good choices. ATI is no better and in many ways worse. And nvidia has some useful features like SLI.
Perhaps someone will take this as a chance to promote a Linux-friendly 3D video card which isn't proprietary. Rather than jumping up and down screaming "See I knew Linux was as bad as Windows" as an excuse for their not bothering to understand anything about non-Microsoft systems.