OpenSSL Valhalla Rampage
April 20, 2014 8:11 AM   Subscribe

In the wake of the Heartbleed OpenSSL vulnerability, several OpenBSD developers have embarked on a major cleanup (and eventual security audit) of OpenSSL. OpenSSL Valhalla Rampage collects the funnier and snarkier comments made by the OpenBSD developers during this process, together with some commentary. [via this Slashdot comment]

An example:
Fix some serious pointer-arithmatic-magic-number-unchecked-return eyebleed that I stumbled into here and got stuck with. If modern society can get past selling daughters for cows, surely we can decide to write modern C code in an “application” that is probably 3 lines of shell/python/cgi away from talking to the internet in a lot of places.. (This file still needs a lot more love though) “oh god yuck” deraadt@
Some additional background: OpenBSD is an open source version of Unix that emphasizes security. Despite the similar names, OpenSSL is not part of OpenBSD, but it is suspected that OpenBSD will now begin maintaining its own version of OpenSSL much like it does with OpenSSH.
posted by jedicus (1 comment total)

This post was deleted for the following reason: Yeah, maybe best to keep the discussion in the open Heartbleed thread. -- LobsterMitten



 
And I see now that this was posted in the open Heartbleed thread.
posted by jedicus at 8:13 AM on April 20, 2014


« Older whoooooosh-BOING!!! oooWEEEoooWEEEoooWEEE… SPLOP!!...   |   Moisture Is The Essence Of Wetness Newer »


This thread has been archived and is closed to new comments