Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

  > I hope we are not going to get a rash of inarticulate
  > HN submissions for every minor patch to openbsd which
  > may have security implications.
I do. Submissions are cheap and skippable. Plus, now I get to look at all these small bugs and not make the same mistakes in my own code, which is both a huge win in my book and something that one can't learn from a textbook.


This submission prior to tptacek's (rather good) analysis was of little value. The original submitter gave absolutely no context to the diff.

I don't think we can depend on tptacek always being on hand.

This bug itself is not novel and something any programmer (if they are being honest) will admit to doing themselves.

The really interesting part of this story is not technical at all (and not evident from the posted patch) - why did the openbsd team not feel it necessary to release a security advisory for this bug. That decision may tarnish their reputation more than any wild conspiracy claims.


The submitter works about 15 away from me, for what it's worth.


"Submissions are cheap and skippable."

By that logic, you will not mind if I spam your mailbox since emails are cheap and skippable.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: