BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Shellshock
- Subject: [Discuss] Shellshock
- From: bill.n1vux at gmail.com (Bill Ricker)
- Date: Wed, 1 Oct 2014 12:34:53 -0400
- In-reply-to: <542C1899.2000402@gmail.com>
- References: <542B5DFA.2080108@gmail.com> <542B5F49.3050500@gmail.com> <CAAbKA3U4r-rxkAW33HPfv6FJE36rqDJx6qESbrS4r7G_VBN1Mw@mail.gmail.com> <542C1899.2000402@gmail.com>
On Wed, Oct 1, 2014 at 11:07 AM, Richard Pieri <richard.pieri at gmail.com> wrote: >> Note that Multiple additional BASH security bugs have been found >> and/or fixed since they started looking harder in the last week. > Which is not a bad thing as long as the people looking actually > understand what they are looking at and what they are looking for. It's > not so much the quantity of eyes as the quality of those eyes. Yes indeed. Unskeptical eyes are useless for security review no matter how multiplied. Open source doesn't guarantee unskeptical eyes early/often, but it's possible, unlike commercial closed source where it's forbidden (except when actively required by Military contract). -- Bill Ricker bill.n1vux at gmail.com https://www.linkedin.com/in/n1vux
- Follow-Ups:
- [Discuss] Shellshock
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Shellshock
- References:
- [Discuss] Shellshock
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Shellshock
- Prev by Date: [Discuss] Back to the OP: Re: Server/laptop full-disk encryption
- Next by Date: [Discuss] Shellshock
- Previous by thread: [Discuss] Shellshock
- Next by thread: [Discuss] Shellshock
- Index(es):
