Web lists-archives.com

Re: Group thoughts on: Anti-virus tools




On Sun, 10 Mar 2019 19:46:42 +0000
mick crane <mick.crane@xxxxxxxxx> wrote:

> On 2019-03-10 17:13, Joe wrote:
> > On Sun, 10 Mar 2019 19:35:18 +0300
> > Reco <recoverym4n@xxxxxxxxxxxx> wrote:
> >   
> >> 	Hi.
> >> 
> >> On Sun, Mar 10, 2019 at 04:32:42PM -0000, Curt wrote:
> >>   
> >> >
> >> > I thought he was saying the surest approach is not touching
> >> > Windows with a ten foot pole,  
> >> 
> >> You're aiming too low. Not touching any non-free OS with a ten foot
> >> pole would be much more like it.
> >> 
> >>   
> > While bearing in mind that 'free' doesn't mean 'problem-free'.
> > 
> > Remember how many people audited the Heartbleed code before it was
> > released?  
> 
> didn't I read openSSL just had the one full time guy for thousands of 
> lines of code ?

I believe only one person other than the writer audited the code, and
this was a piece of core open-source security code. While "given enough
eyeballs, all bugs are shallow", it is clear that code being open
source does not automatically deliver the eyeballs.

-- 
Joe