• @[email protected]
      link
      fedilink
      English
      356 hours ago

      Companies should be forced to release all source code for products that are “EOL”. I will never change my mind on this.

    • tiredofsametab
      link
      fedilink
      3611 hours ago

      May 1st 2024 was a decade ago? (The article has a list and only two are old as you mention, though not quite a decade yet)

    • Dran
      link
      English
      2411 hours ago

      Because that bug was so egregious, it demonstrates a rare level of incompetence.

      • NaibofTabr
        link
        fedilink
        English
        1511 hours ago

        that bug was so egregious, it demonstrates a rare level of incompetence

        I wish so much this was true, but it super isn’t. Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all… and, well, there was the Crowdstrike thing…

        • @[email protected]
          link
          fedilink
          English
          12 hours ago

          Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all

          At the super budget prices Cisco charges, do you really expect quality control to be included? You’ve got to buy a quality control subscription for that. /s

        • Dran
          link
          English
          16
          edit-2
          10 hours ago

          Idk, this was kind of a rare combination of “write secure function; proceed to ignore secure function and rawdog strings instead” + “it can be exploited by entering a string with a semicolon”. Neither of those are anything near as egregious as a use after free or buffer overflow. I get programming is hard but like, yikes. It should have been caught on both ends