Recently, a thread about a security problem in a piece of open source software got a lot of attention. There was a vulnerability report, a defensive developer, persistent security folks, and of course sideline comments taking one side or the other. This discussion perfectly illustrates why it can be hard to have a civil discussion about security, and why even with the best of intentions and with skilled developers, security problems can persist in a software system.
Read More at the Galois Blog
Post a Comment