[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] heartbleed OpenSSL bug CVE-2014-0160

To: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Subject: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
From: Paul Vixie <paul@xxxxxxxxxxx>
Date: Thu, 10 Apr 2014 23:01:44 -0700

Michal Zalewski wrote:
>> http://m.smh.com.au/it-pro/security-it/man-who-introduced-serious-heartbleed-security-flaw-denies-he-inserted-it-deliberately-20140410-zqta1.html
>
> "Man who introduced serious 'Heartbleed' security flaw denies he
> inserted it deliberately"

yeah, and when i was creating all the cron, bind, ftpd, and sendmail
vulnerabilities that made me so famous back in the 1990's, none of those
were deliberate, either.  BWA-hahahahaha.

> Wow, we're climbing to some new levels here.

when the internet moved out of academia and into the larger population,
we got tabloids and ambulance chasers in the deal. ick.

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Paul Vixie

References:
- [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Kirils Solovjovs
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Ingo Schmitt
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: David Tomaschik
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Ivan .Heca
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Michal Zalewski

Prev by Date: [FD] FW: dve bypass dep+aslr+emet+cfi
Next by Date: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Previous by thread: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Next by thread: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Index(es):
- Date
- Thread