[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On 20140416_0823+0000, Curt wrote:
> On 2014-04-16, Slavko <slavino@slavino.sk> wrote:
> >
> > If this vulnerability comes not from newbie and was made by intent,
> > thing are worse than wrong. Then it is an attack to alone fundamental of
> > the free/open software. And what community about this? Where are
> > information, from who this vulnerability arrived? It is experienced
> > expert or it is a novice? Contribute this person to another (especially
> > security) projects too? What this person tell about this? And more and
> > more another questions are left unanswered.
> Robin Seggelmann introduced the bug:
> >From the Sydney Morning Herald:
>  Dr Seggelmann, of Münster in Germany, said the bug which introduced the
>  flaw was "unfortunately" missed by him and a reviewer when it was
>  introduced into the open source OpenSSL encryption protocol over two
>  years ago.
> Only four eyes?

This is a silly rhetorical question. 
How many 'eyes' are appropriate for a last, final look?
Many, many eyes had surely already looked at the same code before
this final look. 

Paul E Condon           

Reply to: