Re: Group thoughts on: Anti-virus tools
On Sun, 10 Mar 2019 19:46:42 +0000
mick crane <mick.crane@gmail.com> wrote:
> On 2019-03-10 17:13, Joe wrote:
> > On Sun, 10 Mar 2019 19:35:18 +0300
> > Reco <recoverym4n@enotuniq.net> wrote:
> >
> >> Hi.
> >>
> >> On Sun, Mar 10, 2019 at 04:32:42PM -0000, Curt wrote:
> >>
> >> >
> >> > I thought he was saying the surest approach is not touching
> >> > Windows with a ten foot pole,
> >>
> >> You're aiming too low. Not touching any non-free OS with a ten foot
> >> pole would be much more like it.
> >>
> >>
> > While bearing in mind that 'free' doesn't mean 'problem-free'.
> >
> > Remember how many people audited the Heartbleed code before it was
> > released?
>
> didn't I read openSSL just had the one full time guy for thousands of
> lines of code ?
I believe only one person other than the writer audited the code, and
this was a piece of core open-source security code. While "given enough
eyeballs, all bugs are shallow", it is clear that code being open
source does not automatically deliver the eyeballs.
--
Joe
Reply to: