Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 8 Oct 2014 20:03:37 -0700
From: ArkanoiD <ark@...ex.net>
To: oss-security@...ts.openwall.com
Subject: Re: Thoughts on Shellshock and beyond

I think there was one and simple way to prevent heartbleed, renegotiation
bugs etc altogether: STOP inventing and enabling by default useless "cool"
features. Leave TLS functionality alone, it is overengineered enough
already. If you think it would be "cool" to teach it a few new tricks, make
it disabled by default for users who never need it.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ