[tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
rysiek
rysiek at hackerspace.pl
Thu Apr 10 13:08:16 PDT 2014
Dnia czwartek, 10 kwietnia 2014 16:26:46 Juan Garofalo pisze:
> --On Thursday, April 10, 2014 3:46 AM -0400 grarpamp <grarpamp at gmail.com>
>
> wrote:
> > On Wed, Apr 9, 2014 at 2:29 PM, Christopher J. Walters
> > <cwal989 at comcast.net> >
> >
> >> It makes me wonder if the NSA was involved in inserting this bug into
> >> OpenSSL clients and servers.
> >
> > That would be 2+ years of amazing win on NSA part [1]. Any unlikely
> > impropriety would come out soon. More likely reality... opensource
> > people are busy and good humans and coding mistakes happen.
>
> Oh. And what about the constant babbling stating that open source is
> oh-so-great security-wise because lots of people can look at the code bla
> bla bla bla bla. Bla!
Well, they can. Doesn't mean they do. Time to get the message out there:
"start bloody looking at the code".
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140410/71544290/attachment-0002.sig>
More information about the cypherpunks
mailing list