Shellshocked: A Future Of �Hair On Fire� Bugs

Most computers affected by Bash will be updated within 10 years. The rest will be vulnerable for the lifespans of all humans now living. This should concern us. But then, global warming should also concern us.

It seems that the more we integrate our lives and our national economies into the Internet, the less safe we, and our privacy, and our money, become. The human population will eventually grow weary of the endless parade of worldwide hair-on-fire technology problems like Y2K, Conficker, Heartbleed, and, as of this week, Shellshock.

By “weary” I mean thoughts like “Another day, another bug, I have no time for this, I’ll upgrade everything when I get the time.” We may already be there, given that six full years after the Conficker worm was announced, we still see about a million unique IP addresses per day in the Conficker sinkhole. Those can’t all be student researchers checking to see if the botnet still exists. Sadly, every hour of delay dramatically increases the likelihood that the device will become more deeply infected before it is patched -- after which time, patches won’t actually make anything better.

[Read the rest on Dark Reading]

Dr. Paul Vixie is an Internet pioneer and thought leader who designed, implemented, and deployed several Domain Name System (DNS) protocol extensions and applications that are used throughout the Internet today. He is CEO of Farsight Security Inc. Previously, he served as ... View Full Bio