by Bryan Lunduke
Every minute of every hour of every day, software bugs are hard at work, biting computer users in the proverbial posterior. Many of them go unnoticed (the bugs, not the posteriors). More still rise to the illustrious level of "bugs that are minor annoyances".
Yet sometimes, when the stars align just so, a bug manifests itself in a truly glorious way. And when I say "glorious", I mean "utterly destructive and soul-obliterating". Nowhere are these bugs more insidious than when they are within the operating systems (and key components) themselves.
Case in point: an October 2018 bug in an update for Windows 10 caused entire user folders to be deleted. Documents? Gone. Pictures? Like they never existed at all. This was a singular OS update that vaporized files from low-Earth orbit.
After that bug impacted roughly 1,500 Windows 10 users—before it even hit widespread distribution—Microsoft pulled the update entirely.
Then, after the engineering team in Redmond thoroughly tested and fixed this gnarly bug, they did the only obvious thing: re-release the system update—with another file-destroying issue. This time it was in their un-zip functionality. More files lost to the sands of time.
Seriously. That actually happened.
Things aren't necessarily that much better over in Apple land, either.
A little more than a year ago—at the end of November 2017—a bug occurred in Mac OS X (yeah, I know they've renamed it "macOS", but I'm stubborn and I'll call it what I want) that allowed anyone to gain root access to any Macintosh (running the latest version of the OS) by following these extremely complex steps:
- Turn on a Macintosh.
rootas the user name and leave the password blank.
- Press Enter.
I know. I know. That'll be hard to remember, right?
To Apple's credit, the company did manage to release a system update rather quickly, thus minimizing the potential damage. But, just the same, I'd say that one calls for a "yikes"—possibly even an "oh, dear".
As satisfying as it is to make fun of Microsoft and Apple—and, boy howdy, is it ever—we in the Linux (and general Free and Open-Source Software world) are not immune from highly embarrassing, crazy destructive bugs and security vulnerabilities.
What follows are two that I find rather interesting. One is a remote exploit that had serious ramifications. The other is a local security bug that, well, I find amusing.
Read full article on Linux Journal