14 Apr 2014, 7:14 p.m.
On 4/14/14 4:06 PM, Randy Bush wrote:
> for those you can blame the vendor. this one is owned by the community. it falls on us to try to lower the probability of a next one by actively auditing source as our civic duty.
>
> is that kind of like jury duty? if only it were more like literature, which we could read for enjoyment.
>
> true. also, as someone whacked me, far too many networkers can not read code at all.
It's much, much worse than that. I can still read code plenty fine, but bugs can be extremely obscure, and triply so with convoluted security code where people are actively going after you to find problems in most inventive ways. OpenSSL, etc., probably need to be treated more like Mars Landers than the typical GitHub forkfest.

Mike