Internet and e-mail policy and practice
including Notes on Internet E-mail


2014
Months
Apr
Sep Oct
Nov Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed

Add to My Yahoo!

Subscribe with Bloglines


[Valid RSS]

Home

13 Apr 2014

Open Source software is the worst kind except for all of the others Internet

Heartbleed, for anyone who doesn't read the papers, is a serious bug in the popular OpenSSL security library. Its effects are particularly bad, because OpenSSL is so popular, used to implement the secure bit of https: secure web sites on many of the most popular web servers such as apache, nginx, and lighttpd.

A few people have suggested that the problem is that OpenSSL is open source, and code this important should be left to trained professionals. They're wrong. The problem is that writing and testing cryptographic software is really, really hard.

See more ...


posted at: 00:39 :: permanent link to this entry :: 3 comments
Trackback link is http://jl.ly/Internet/openssl.trackback

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
CASL Comes into Force
63 days ago

A keen grasp of the obvious
Applying the Hobby Lobby decision
60 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2014 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.