nanog mailing list archives

Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]

From: Michael Thomas <mike () mtcc com>
Date: Sun, 13 Apr 2014 08:08:46 -0700

On 04/13/2014 07:52 AM, Randy Bush wrote:

the point of open source is that the community is supposed to be doing
this.  we failed.

Versus all of the closed source bugs that nobody can know of or do
anything about?

for those you can blame the vendor.


Or not.

this one is owned by the community.
it falls on us to try to lower the probability of a next one by actively
auditing source as our civic duty.

And we all know how well civic duty works as a motivator. If we reallywant to do somethingconstructive, convince the corpro-takers to open their wallets to fundthose auditing functions.


Mike

Current thread:

Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years], (continued)
- - - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] William Herrin (Apr 11)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Valdis . Kletnieks (Apr 11)
    - RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Frank Bulk (Apr 11)
    - RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Warren Bailey (Apr 11)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] TGLASSEY (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Matthew Petach (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Bengt Larsson (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Randy Bush (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Michael Thomas (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Randy Bush (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Michael Thomas (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] John Levine (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Niels Bakker (Apr 13)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Warren Bailey (Apr 13)
    - RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Thijs Stuurman (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Scott Howard (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Patrick W. Gilmore (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] William Herrin (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Doug Barton (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] bmanning (Apr 14)
    - Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Scott Howard (Apr 14)

(Thread continues...)