Language Selection

English French German Italian Portuguese Spanish

Researcher behind Linux Kernel flaw explains motives

Filed under
Linux
Interviews

When a vulnerability researcher discloses a flaw in a widely-used operating system or application, some IT professionals question the motive. Such has been the case with a Linux Kernel flaw that was disclosed last week. Wojciech Purczynski, a researcher with Singapore-based security firm COSEINC, discovered the flaw, and a researcher using the online name "Qaaz" followed it up with attack code. Qaaz declined an interview request, but Purczynski did answer some questions in an email exchange. In this Q&A, he explains how he reported the security hole and why Linux users should take his findings seriously.

Describe the sequence of events.

Purczynski: I was quite busy doing some other tasks here at COSEINC so I had to postpone publication of the vulnerability. But on Feb. 1 I made initial contact with The Red Hat Security Response Team, then we contacted with kernel developers so they could provide a quick fix for this vulnerability.

Explain the severity of the vulnerability and why, since it involves the kernel, IT administrators in Linux-based environments should be concerned.

More Here




More in Tux Machines

Security: Trezor, Kaspersky and Secure [sic] Enclave Processor

Android Leftovers

Linux-loving lecturer 'lost' email, was actually confused by Outlook

ON-CALL Friday means a few things at El Reg: a new BOFH. A couple of beers. And another instalment of On-Call, our weekly column in which we take reader-contributed tales of being asked to do horrible things for horrible people, scrub them up and hope you click. This week, meet “Newt” who a dozen or more years ago worked at a College that “decided to migrate from a Linux system to Microsoft Outlook with an Exchange back end.” Read more

Looks Like Debian GNU/Linux Runs on Quite a Few Mobile Devices, Including Pyra

Debian Project's W. Martin Borgert reports today that work on making the famous and widely-used Debian GNU/Linux operating system run on various mobile devices continues these days. Read more