Re: making Debian secure by default

To: debian-user@lists.debian.org
Subject: Re: making Debian secure by default
From: John Hasler <john@sugarbit.com>
Date: Mon, 01 Apr 2024 13:50:22 -0500
Message-id: <[🔎] 875xx0zzm9.fsf@sugarbit.com>
Reply-to: john@sugarbit.com (John Hasler)
In-reply-to: <[🔎] 20240401134741.7a2ca89c@jrenewsid.jretrading.com> (joe@jretrading.com's message of "Mon, 1 Apr 2024 13:47:41 +0100")
References: <CAD8GWssBoRrCzW0TSUGxMeuY=y_bTM-nMuSO7_4g1Kyk79fgqQ@mail.gmail.com> <ZgSljhflfCtsnnCq@mail.bitfolk.com> <CAD8GWsswLPH327tvj64HkWuMfayXczJyyviSk9Um2CAHHjoovg@mail.gmail.com> <ZgVw+HFmMseszOcm@mail.bitfolk.com> <ZgWLmLCjcOTqhk2a@wooledge.org> <slrnv0bba0.1hf.curty@einstein.electron.org> <Zgbx8L7m3k92QWzm@mail.bitfolk.com> <20240329172333.7439c34e@jrenewsid.jretrading.com> <[🔎] CAJmb-Y=M67E3PDrgzYkHt98gbzef5-0+2q2RubwhGurxkaH1-g@mail.gmail.com> <[🔎] ZgoRo7jKKXSEV7Ai@mail.bitfolk.com> <[🔎] 20240401134741.7a2ca89c@jrenewsid.jretrading.com>

Joe writes:
> I think this was amply demonstrated by Heartbleed, where the offending
> code was examined by *one* other pair of eyes, before approval was
> granted for inclusion in OpenSSL.

The "many eyes" phase comes after release.
-- 
John Hasler 
john@sugarbit.com
Elmwood, WI USA

Reply to:

Follow-Ups:
- Re: making Debian secure by default
  - From: Joe <joe@jretrading.com>

References:
- Re: making Debian secure by default
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>
- Re: making Debian secure by default
  - From: Andy Smith <andy@strugglers.net>
- Re: making Debian secure by default
  - From: Joe <joe@jretrading.com>

Prev by Date: SOLVED (was: Re: help needed to get a bookworm install to succeed)
Next by Date: Re: making Debian secure by default
Previous by thread: Re: making Debian secure by default
Next by thread: Re: making Debian secure by default
Index(es):
- Date
- Thread