Re: making Debian secure by default

To: debian-user@lists.debian.org
Subject: Re: making Debian secure by default
From: Joe <joe@jretrading.com>
Date: Mon, 1 Apr 2024 13:47:41 +0100
Message-id: <[🔎] 20240401134741.7a2ca89c@jrenewsid.jretrading.com>
In-reply-to: <[🔎] ZgoRo7jKKXSEV7Ai@mail.bitfolk.com>
References: <CAD8GWssBoRrCzW0TSUGxMeuY=y_bTM-nMuSO7_4g1Kyk79fgqQ@mail.gmail.com> <ZgSljhflfCtsnnCq@mail.bitfolk.com> <CAD8GWsswLPH327tvj64HkWuMfayXczJyyviSk9Um2CAHHjoovg@mail.gmail.com> <ZgVw+HFmMseszOcm@mail.bitfolk.com> <ZgWLmLCjcOTqhk2a@wooledge.org> <slrnv0bba0.1hf.curty@einstein.electron.org> <Zgbx8L7m3k92QWzm@mail.bitfolk.com> <20240329172333.7439c34e@jrenewsid.jretrading.com> <[🔎] CAJmb-Y=M67E3PDrgzYkHt98gbzef5-0+2q2RubwhGurxkaH1-g@mail.gmail.com> <[🔎] ZgoRo7jKKXSEV7Ai@mail.bitfolk.com>

On Mon, 1 Apr 2024 01:45:07 +0000
Andy Smith <andy@strugglers.net> wrote:

>  "enough eyes make all bugs shallow"
> doesn't hold true unless the process is actually providing those
> eyes.
> 

I think this was amply demonstrated by Heartbleed, where the offending
code was examined by *one* other pair of eyes, before approval was
granted for inclusion in OpenSSL.

-- 
Joe

Reply to:

Follow-Ups:
- Re: making Debian secure by default
  - From: John Hasler <john@sugarbit.com>

References:
- Re: making Debian secure by default
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>
- Re: making Debian secure by default
  - From: Andy Smith <andy@strugglers.net>

Prev by Date: Re: making Debian secure by default
Next by Date: Re: help needed to get a bookworm install to succeed
Previous by thread: Re: making Debian secure by default
Next by thread: Re: making Debian secure by default
Index(es):
- Date
- Thread