oss-sec mailing list archives

Re: Thoughts on Shellshock and beyond

From: ArkanoiD <ark () eltex net>
Date: Wed, 8 Oct 2014 20:03:37 -0700

I think there was one and simple way to prevent heartbleed, renegotiation
bugs etc altogether: STOP inventing and enabling by default useless "cool"
features. Leave TLS functionality alone, it is overengineered enough
already. If you think it would be "cool" to teach it a few new tricks, make
it disabled by default for users who never need it.

Current thread:

Re: liability (was: Re: Thoughts on Shellshock and beyond), (continued)
- - - Re: liability (was: Re: Thoughts on Shellshock and beyond) Źmicier Januszkiewicz (Oct 10)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 09)
    - Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 09)
    - Message not available
    - Re: Thoughts on Shellshock and beyond Sven Kieske (Oct 09)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 08)
    - Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 08)
    - Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 08)
    - Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
    - Re: Thoughts on Shellshock and beyond ArkanoiD (Oct 08)
    - Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 08)
    - Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
    - Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 09)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 08)
    - Re: Thoughts on Shellshock and beyond John Haxby (Oct 09)
    - Re: Thoughts on Shellshock and beyond Kobrin, Eric (Oct 09)
    - Re: Thoughts on Shellshock and beyond Stephane Chazelas (Oct 08)
    - Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 08)
    - Re: Thoughts on Shellshock and beyond Tim (Oct 08)
- Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 07)

(Thread continues...)