[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
- To: [email protected]
- Subject: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
- From: [email protected] (rysiek)
- Date: Thu, 10 Apr 2014 22:08:16 +0200
- In-reply-to: <D58D264D95D9D30B5531C67F@F74D39FA044AA309EAEA14B9>
- References: <CAEzaO-X2-_+uDdxpi3XqXWLCG6PAHTKMASLZWz3pMMZFQ2_DDQ@mail.gmail.com> <CAD2Ti2_tOpe+gvwqwr3G91jnFw8T=ihsaEYsB53+6iDh8reEwQ@mail.gmail.com> <D58D264D95D9D30B5531C67F@F74D39FA044AA309EAEA14B9>
Dnia czwartek, 10 kwietnia 2014 16:26:46 Juan Garofalo pisze:
> --On Thursday, April 10, 2014 3:46 AM -0400 grarpamp <[email protected]>
>
> wrote:
> > On Wed, Apr 9, 2014 at 2:29 PM, Christopher J. Walters
> > <[email protected]> >
> >
> >> It makes me wonder if the NSA was involved in inserting this bug into
> >> OpenSSL clients and servers.
> >
> > That would be 2+ years of amazing win on NSA part [1]. Any unlikely
> > impropriety would come out soon. More likely reality... opensource
> > people are busy and good humans and coding mistakes happen.
>
> Oh. And what about the constant babbling stating that open source is
> oh-so-great security-wise because lots of people can look at the code bla
> bla bla bla bla. Bla!
Well, they can. Doesn't mean they do. Time to get the message out there:
"start bloody looking at the code".
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140410/71544290/attachment.sig>