Shell Shocked Apology

crazyIn the previous blog I brought up the specter of our printers and other devices being affected by the Shell Shock vulnerability in the Bash program. This is on the alarmist side and I apologize for my over zealousness. While it is a possible threat most devices will probably use one of the smaller cousins of Bash.

Worse Than We Thought

The problem in Bash while deeper and worse than we in the IT industry at first suspected the dangers do not increase for the regular computer user. The problems just make it harder for us to fix. There have been three fixes in the last two days. These we have discovered to just shift the problem to other areas. It does seem, however, that the researchers are getting to the root cause of the problem.

The fixes proposed so far are not so pleasant for us in IT. To put in the fixes may require many programs to be modified to work with a new version of Bash or to use an alternative that doesn’t have all the features of Bash. It is one of those features that makes Bash vulnerable but is often the reason it is used rather than competing programs. The other being is that many systems use it by default.

At affinity we are currently experimenting with an alternative to Bash, called Dash. Our affinity programs don’t use the failing Bash feature, as far as we know. That is still being tested and then being migrated into our web and mail sites. The substitution should work for our programs. The problem is the programs we use. They may use the problematic features of Bash thus the need for testing.

Internet Services

As we at affinity and other IT departments around the world test fixes and replacements some web, mail and other Internet services may become unavailable. Just wait for a fix or contact the service you are using. e.g. if you have problems with your banking site call your bank.

Continuing Coverage

As information becomes available I will make it available on the blog at http://affinitycm.com/blog.html.

The newspapers that print this blog may not be able to carry all the updates that come. It is also a good source to check how websites and mail hosted by affinity are affected. I hope to have a user friendly way to detect if a website you use has been fixed or not. So, keep checking the blog. The blogs that get sent to the newspapers are also posted to the affinity facebook page.