[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] Heartbleed is a Free Software win
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] Heartbleed is a Free Software win
- From: Martijn Grooten <martijn@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 10 Apr 2014 11:57:33 +0000
- Content-disposition: inline
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1396810045; h=Sender:Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id:Reply-To:Subject:In-Reply-To:MIME-Version:References:Message-ID:To:From:Date; bh=W5HDLXmY9y31ny2RsZLTEub0PVFqHNBQxWd5ak/THj4=; b=DGS41BwBWi7tAjbSn8R2gDCkn3Na/uYq+R48c9X45gjiMrGZO56Zj3m4+9bb6VZEX/UJ/JVaPMQjE8SSZxF4FDepeIUKJFVHQSki1xMzYa51ud4OBSJ66H9wP4l7UonvFrFAmnHxRoa5lh4oN8I8D4E/ZMnEZmVbo1L1GzGSG9U=;
- Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lapsedordinary.net; s=mail; t=1397131053; bh=VAq2+gKRzeqtR/kBE4fqpPFoviXwd2Q1uDhWZdpBTPg=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=IfRT0ybCWxYGOlRnvhwg5ssMwHA2h1m7FXxtwThR5VGVykDrpWd0fUPZLX+y0U6kx 256C8gFinVBqxz3zh7TiJU1s3R4Zak0JdzPrzO38bgQuOmCwC5eRiN7TQigMfVfp90 AaxgrP6CMjnow2Edv2V+rjr39W0ZvXH2mnfPyK2E=
On Thu, Apr 10, 2014 at 12:26:08PM +0100, Philip Hudson wrote:
> Spot on. Setting up and running (or sponsoring) comprehensive static
> analysis and regression testing of all the crypto code in the debian
> repos, or even the whole debian repo set, would be chump change to a
> Google or an Apple.
Not sure about Apple, but Google does do a lot of good stuff like this,
such as starting a bug bounty program for open source products. They
also perform audits themselves, they are regularly listed as having
found vulnerabilities in open and closed source code. Including this
particular one.
Martijn.
--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
