LiveMink: Alan Hargreaves and the telnetd bug
By webmink on Jun 04, 2007
While I was in Australia last month I went to the Sydney OpenSolaris User Group, one of the oldest OSUGs. As part of the evening's casual conversation, I interviewed Alan Hargreaves. Alan was one of the first engineers in the OpenSolaris community to work on the telnetd bug that was zero-dayed onto the Solaris 10 community, and in this interview he describes a frantic day spent working on the defect. Some key quotes:
- "This bug was a putback to kereberise telnetd"
- "It didn't exist in OpenSolaris within about six hours of being reported"
- "The actual fix was submitted by someone on one of the OpenSolaris discussion forums"
- "It seems to me in this case closed source made the code less secure and open source fixed the problem"