[Cryptography] I don't get it.

Phillip Hallam-Baker hallam at gmail.com
Wed Apr 16 00:00:18 EDT 2014


On Wed, Apr 16, 2014 at 12:09 AM, Harald Koch <chk at pobox.com> wrote:
> On 15 April 2014 16:46, Peter Fairbrother <zenadsl6186 at zen.co.uk> wrote:
>>
>> I wonder who committed the OpenSSL heartbeat change.
>
>
> You don't have to wonder - both the committer and the author are publicly
> known.
>
> And on that note, I agree with you, because it's my interpretation that the
> bug was introduced by two developers who each trusted the other to "get it
> right"...

Seems like the incentives for writing OpenSource crypto are rather
poor. If you do good work few people know, if you make one slip people
think you might be an NSA spy.

Also rather poor that people don't realize that its not just the NSA
who operate large scale PRISM like programs. Other governments had
much better motives than the US.

-- 
Website: http://hallambaker.com/


More information about the cryptography mailing list