Not discrediting Open Source Software, but nothing is 100% safe.

    • andrew
      11 · 1 year ago

      See my comment below for more of my thoughts on why I think Heartbleed was an overwhelming success.

      And you help make my point, because OpenSSL is a dependency which is easily discovered by software like Dependabot and Renovate. So when the next Heartbleed happens, we can spread the fixes even more quickly.

      • @[email protected]
        3 · 1 year ago

        Enterprise software inventory can unfortunately be quite chaotic, and understanding the exposure to this kind of vulnerability can take weeks if not longer.