[[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]

Michael Thomas mike at mtcc.com
Sun Apr 13 15:08:46 UTC 2014

On 04/13/2014 07:52 AM, Randy Bush wrote:
>>> the point of open source is that the community is supposed to be doing
>>> this.  we failed.
>> Versus all of the closed source bugs that nobody can know of or do
>> anything about?
> for those you can blame the vendor.

Or not.

> this one is owned by the community.
> it falls on us to try to lower the probability of a next one by actively
> auditing source as our civic duty.

And we all know how well civic duty works as a motivator. If we really 
want to do something
constructive, convince the corpro-takers to open their wallets to fund 
those auditing functions.


More information about the NANOG mailing list