-- Leo's gemini proxy
-- Connecting to gemini.techrights.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Gemini version available ♊︎
Posted in Free/Libre Software, FUD, GNU/Linux, Security at 6:22 pm by Dr. Roy Schestowitz
Video download link | md5sum 4b7ddbb46fa6769b563d42abfd3763b2Trusting the FUD Blindly Creative Commons Attribution-No Derivative Works 4.0
http://techrights.org/videos/openssl-fud-again.webm
Summary: Fear, Uncertainty, and Doubt (FUD) campaigns have begun based on a lack of information rather than actual substance; Dramatisation of this kind merits a debate as the boy keeps crying “wolf!” in vain (because he sees a dog)
OVER the past 5 or so days we’ve included in Daily Links many articles about an upcoming patch for OpenSSL, not “imminently” as this was disclosed almost a week in advance, which is rather unusual (that long a timespan).
We’ve patiently been wanting to do a a response, waiting for insiders who can tell what the bug was or how severe it really was; we scolded some media for calling it "zero day" because as far as we can tell the term is misapplied, maybe even on purpose.
> “A lot of the media reports, not privy to any details, trust the panic makers despite having no details. Where’s the fact-checking?”
So many speculative, uninformed and uninformative articles have mentioned the magic “FUDword”, Heartbleed, still failing to recognise that it was a bug first discovered by Google and then hyped up by Microsofters to stigmatise Free software (we wrote a lot about this at the time). This was almost a decade ago; after that we saw many logos and sites (for pertinent bugs, not pieces of software) and even the occasional pranks after that, trying to reproduce that hype’s success [sic] because FUD travels fast and some firms wanted to “make a name” for themselves.
People with access to information or special privileges already caution us that the advanced notice is more about hype than substance. A lot of the media reports, not privy to any details, trust the panic makers despite having no details. Where’s the fact-checking?
Seeing how “Heartbleed” FUD was used by Microsoft for years (and "log4j" a year later, even by the anti-Linux Foundation), it seems likely that this is a campaign of drama, not a real security crisis. How many breaches will be caused by this? Time will tell, but probably not many (same as “Heartbleed”, where reality didn’t match the propaganda). █
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
Permalink > Image: Mail
Send this to a friend
----------
➮ Sharing is caring. Content is available under CC-BY-SA.
-- Response ended
-- Page fetched on Thu Jun 13 15:01:04 2024