Monday Jun 29, 2009

☞ Required Security Reading

Monday Jun 04, 2007

LiveMink: Alan Hargreaves and the telnetd bug

While I was in Australia last month I went to the Sydney OpenSolaris User Group, one of the oldest OSUGs. As part of the evening's casual conversation, I interviewed Alan Hargreaves. Alan was one of the first engineers in the OpenSolaris community to work on the telnetd bug that was zero-dayed onto the Solaris 10 community, and in this interview he describes a frantic day spent working on the defect. Some key quotes:

  • "This bug was a putback to kereberise telnetd"
  • "It didn't exist in OpenSolaris within about six hours of being reported"
  • "The actual fix was submitted by someone on one of the OpenSolaris discussion forums"
  • "It seems to me in this case closed source made the code less secure and open source fixed the problem"

Listen on!

LiveMink—[MP3]—[Ogg]—[iTunes]—(12' 00")

About

Thoughts and pointers on digital freedoms and technology markets. With a few photos too.

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today