Not discrediting Open Source Software, but nothing is 100% safe.

  • @damnthefilibuster
    link
    English
    11 year ago

    the fix was out in under a week

    I don’t disagree with this, but your point about automatic audits… It’s always a learning curve to prevent silly shit like heartbleed from getting into the system. But the idea that there was no check against this when it was first PR’d seems almost absurd. This is why sticking hard to API and design specs and building testing around them is so important.

    I’m sure they learnt a valuable lesson there.