Not discrediting Open Source Software, but nothing is 100% safe.

  • andrew
    111 year ago

    See my comment below for more of my thoughts on why I think Heartbleed was an overwhelming success.

    And you help make my point because OpenSSL is a dependency which is easily discovered by software like Dependabot and Renovate. So when the next Heartbleed happens, we can spread the fixes even more quickly.

    • @[email protected]
      31 year ago

      Enterprise software inventory can unfortunately be quite chaotic, and understanding the exposure to this kind of vulnerability can take weeks if not longer.