[tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
dan at geer.org
dan at geer.org
Thu Apr 10 20:15:12 PDT 2014
> It makes me wonder if the NSA was involved in inserting this bug into
> OpenSSL clients and servers.
If they did it, someone got a promotion. If they are as surprised
as you are, someone got fired.
In the meantime, tell me that gcc is so compact and well vetted that
there is no room in it for insertions...
--dan, channeling for Ken Thompson
More information about the cypherpunks
mailing list