oss-sec mailing list archives
Re: Thoughts on Shellshock and beyond
From: ArkanoiD <ark () eltex net>
Date: Wed, 8 Oct 2014 20:03:37 -0700
I think there was one and simple way to prevent heartbleed, renegotiation bugs etc altogether: STOP inventing and enabling by default useless "cool" features. Leave TLS functionality alone, it is overengineered enough already. If you think it would be "cool" to teach it a few new tricks, make it disabled by default for users who never need it.
Current thread:
- Re: liability (was: Re: Thoughts on Shellshock and beyond), (continued)
- Re: liability (was: Re: Thoughts on Shellshock and beyond) Źmicier Januszkiewicz (Oct 10)
- Re: Thoughts on Shellshock and beyond Tim (Oct 09)
- Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 09)
- Message not available
- Re: Thoughts on Shellshock and beyond Sven Kieske (Oct 09)
- Re: Thoughts on Shellshock and beyond Tim (Oct 08)
- Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
- Re: Thoughts on Shellshock and beyond Tim (Oct 08)
- Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
- Re: Thoughts on Shellshock and beyond Tim (Oct 08)
- Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
- Re: Thoughts on Shellshock and beyond ArkanoiD (Oct 08)
- Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 08)
- Re: Thoughts on Shellshock and beyond Michal Zalewski (Oct 08)
- Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 09)
- Re: Thoughts on Shellshock and beyond Tim (Oct 08)
- Re: Thoughts on Shellshock and beyond John Haxby (Oct 09)
- Re: Thoughts on Shellshock and beyond Kobrin, Eric (Oct 09)
- Re: Thoughts on Shellshock and beyond Stephane Chazelas (Oct 08)
- Re: Thoughts on Shellshock and beyond David A. Wheeler (Oct 08)
- Re: Thoughts on Shellshock and beyond Tim (Oct 08)