Security Fixes and Transparency of Free Software

Within a day there has been a raft of major security bug reports coming in. A summary:

Bash bug that allows remote arbitrary execution of malicious input

RSA Signature Forgery in NSS – Firefox’s crypto-library

Apt-get remote Buffer Overflow

There is no need to be uneasy about these recent events. If anything, it is encouraging to see the transparency of the security pen-testing community and the benefits of Free Software in action. Security researchers can easily find flaws within the source code because it’s available for all to see. Bugs could be fixed quickly without anyone’s permission. That’s a few 0days governments won’t have.

