Count the number of vulnerabilities in OpenSSL over the last few years, relative to the size of its code base. A single vulnerability, albeit bad this year, results in a fork and the attitude of "it had its chance."

LibreSSL inherits all of the undiscovered vulnerabilities in its huge code base. I hope your harsh criticism carries over to its code base once these flaws are discovered here too. That's the beauty of open source.




Number of known vulnerabilities, you mean?

The problem is that a security software brick is not satisfactory when it works, but when you can be sure there are no problems.

Given the very low quality of the code and the high amount of bloat, few people actually trust it. They have to trust third parties and external certifications and the word on the street, and this is not enough for that kind of dependency.


>Count the number of vulnerabilities in OpenSSL over the last few years, relative to the size of its code base. A single vulnerability

You might want to take your own advice. There have been tons of vulnerabilities in OpenSSL, not one.

>LibreSSL inherits all of the undiscovered vulnerabilities in its huge code base.

That would be why it is being gutted and audited. That's the whole point.



