Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yep. Hearing that solution to the problem was just beyond reason. Its like they didn't just set some compile flags and constants for the architecture, but decided that their code had to calculate it every time the variable is needed. The line about finding if /dev/null moved was also pretty scary.


> finding if /dev/null moved

Couldn't find that, do you have a reference somewhere? (I only watched the video that mrweasel posted.)


43:16 into the video I posted

https://www.youtube.com/watch?v=-4psTQ1sX7s


I remember cracking up then forwarding it to all kinds of people and forums. Along the lines of "remember this" if you try to justify trusting the OpenSSL codebase for anything.


...Which is why LibreSSL was started in the first place: Trusting OSSL is fundamentally insane.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: