« Blog » 2008-05-15

Security is hard

Created 2008-05-15T17:19:35.159Z, last edited 2008-05-15T17:20:22.205Z

Also: just so you're aware. There are no points awarded in security for good intentions. You either get it right, or you go home. This person had no business editing OpenSSL.

Thomas Ptacek on reddit.

We've been using OpenSSL in various versions of FOST for ten years now. Personally I'm concerned about doing something stupid just compiling it for distribution, never mind the worry about (mis)using it. The thought of altering any of it… No way!

Categories

Some rights reserved — by-nc-sa version 2 Attribution Non-commercial Share alike

© 2002-2025 Kirit & Tai Sælensminde. All forum posts are copyright their respective authors.

Licensed under a Creative Commons License. Non-commercial use is fine so long as you provide attribution.