[Linux-aus] Post in ZDnet re: Heartbleed
Kathy Reid
kathy at kathyreid.id.au
Mon Apr 14 22:37:57 EST 2014
Hi everyone,
There's a post on ZDnet that posits that OpenSSL benefitted little from
being open source;
http://www.zdnet.com/did-open-source-matter-for-heartbleed-7000028378/
I strongly disagree with a lot of the points in the article, but am
interested in the thoughts of others.
* If OpenSSL wasn't open source, the vulnerability may never have been found
* The CVE was dealt with transparently and openly
* The patch was freely available when the CVE was made public
* The specific code vulnerability, now patched, will make other C codes
more secure as people learn from the error
--
--
Kathy Reid
kathy at kathyreid.id.au
0418 130 636
@kathyreid
More information about the linux-aus
mailing list