Heartbleed and static analysis
Marco Leise
Marco.Leise at gmx.de
Sat Apr 12 11:39:38 PDT 2014
Am Fri, 11 Apr 2014 09:59:45 +0000
schrieb "Chris" <wendlec at tcd.ie>:
> In a way it's scary how vulnerable software we rely on still is.
> I cannot claim that my software is immune to attacks, but where
> security is crucial, one would expect self-critical scrutiny
> rather than complacency. But we're all only human.
+1. My naive assumption was that something like SSH is
implemented once and then bugs are fixed, so it can only ever
become safer. I found it astounding that this library was
totally sane only 2 years ago. One innocent commit is all it
took and it can happen again for any software, any time.
If crackers keep their eyes open they _will_ find their next
backdoor.
--
Marco
More information about the Digitalmars-d
mailing list