On 11 April 2014 00:55, David <dgboles@xxxxxxxxx> wrote: > > Sure. I would not really *greatly* care about tech sites password. I > would be (was) concerned about my 'money' sites. The sites had to used > openssl. Which would be any Apache and another one that I can not recall > at the moment. > > But? This time the 'ten feet tall and bullet proof because I use Linux' > Bull$$hit failed. This one is Linux centered. Period. A programer > created this and added it to the code. And 'free and a no money' > supported program mistake not caught for about two years. You know OpenSSL is not Linux? And that IIS could equally have had this bug? http://en.wikipedia.org/wiki/Code_Red_%28computer_worm%29 (also a good reminder for anyone who thinks vulnerabilities in the news is news) It's also not true: > A group of nice people working part time for nothing. No real > resources. People with real jobs that pay. Families. And 'part time > support'. I tip my hat but? Sad. OpenSSL do support contracts and many of the developers offer consultancy services. Painting it as something done as a part-time hobby is a bit misleading. (And why 'sad' exactly? Also N.B. it's often an insult in British English) -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
