Date: Wed, 8 Oct 2014 20:03:37 -0700 From: ArkanoiD <ark@...ex.net> To: oss-security@...ts.openwall.com Subject: Re: Thoughts on Shellshock and beyond I think there was one and simple way to prevent heartbleed, renegotiation bugs etc altogether: STOP inventing and enabling by default useless "cool" features. Leave TLS functionality alone, it is overengineered enough already. If you think it would be "cool" to teach it a few new tricks, make it disabled by default for users who never need it.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ