
OpenSSH and the dangers of unused code - yarapavan
https://lwn.net/Articles/672465/
======
Kristine1975
The comments show why most people shouldn't be writing security-critical
software in C: They think they know the language's pitfalls when in reality
they only know some of them.

Use memset_s! The compiler isn't allowed to remove calls to it:
[http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf](http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf)

~~~
bcook
Nobody knows _all_ of any language's pitfalls.

Even the greatest programmer with the safest language will still code security
vulnerabilities.

~~~
sitkack
How many fallacies is this and what are they?

~~~
leni536
Perfectionist Fallacy

Assuming that the only option on the table is perfect success, then rejecting
anything that will not work perfectly.

'What's the point of these anti-drunk driving ad campaigns? People are still
going to drink and drive no matter what.'

Shared From Logical Defence Application

~~~
sitkack
excellent!
[https://en.wikipedia.org/wiki/Nirvana_fallacy](https://en.wikipedia.org/wiki/Nirvana_fallacy)

------
wyldfire
> CVE-2016-0778... is "unlikely to have any real-world impact" because it
> relies on two non-default options being used by the client (ProxyCommand and
> either ForwardAgent or ForwardX11)

_cringe_ -- I know I've got both in my ~/.ssh/config, though hopefully not
both enabled for the same server(s).

~~~
falcolas
We use 'ProxyCommand' constantly with bastion servers to help protect our
infrastructure. We use 'ForwardAgent' much less, but it's still useful for
some testing purposes or one-offs.
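
Added example (not part of the thread or of OpenSSH): a small audit that resolves, per host, whether ProxyCommand ends up combined with ForwardAgent or ForwardX11, the combination the quoted advisory text describes. It assumes the standard ssh_config rule that the first value obtained for a keyword wins; the sample config and host names are constructed, and `Match` and `Include` are not evaluated.

```python
import fnmatch
import re

# Constructed sample ~/.ssh/config; every host name here is made up.
SAMPLE_CONFIG = """\
Host app-*
    ProxyCommand ssh -W %h:%p bastion
    ForwardAgent yes
Host db-1
    ProxyCommand ssh -W %h:%p bastion
Host *
    ForwardX11 yes
"""

def parse_blocks(text):
    """Split the file into (host_patterns, options) blocks, in file order."""
    blocks = [(["*"], {})]                 # options before the first Host apply to all
    for raw in text.splitlines():
        m = re.match(r"\s*(\w+)(?:\s*=\s*|\s+)(.*?)\s*$", raw)
        if not m:                          # blank line or comment
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key in ("host", "match"):       # Match gets no patterns, so it never applies
            blocks.append((value.split() if key == "host" else [], {}))
        else:
            blocks[-1][1].setdefault(key, value)
    return blocks

def effective(blocks, host):
    """Resolve options for one host: the first value obtained for a keyword wins."""
    opts = {}
    for patterns, block_opts in blocks:
        pos = [p for p in patterns if not p.startswith("!")]
        neg = [p[1:] for p in patterns if p.startswith("!")]
        hit = lambda ps: any(fnmatch.fnmatchcase(host, p) for p in ps)
        if hit(pos) and not hit(neg):
            for key, value in block_opts.items():
                opts.setdefault(key, value)
    return opts

def risky_hosts(text, hosts):
    """Map each host that resolves to ProxyCommand plus a forwarding option."""
    blocks, flagged = parse_blocks(text), {}
    for host in hosts:
        o = effective(blocks, host)
        fwd = [k for k in ("forwardagent", "forwardx11") if o.get(k, "no").lower() != "no"]
        if o.get("proxycommand", "none").lower() != "none" and fwd:
            flagged[host] = fwd
    return flagged
```

In the sample, `db-1` is flagged even though its own block sets no forwarding option, because `Host *` supplies ForwardX11. `ssh -G <host>` prints the configuration OpenSSH itself resolves and is the authoritative check.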

------
ufmace
Upvoted because this is the first short and clear description of how the SSH
bug works and why it's bad that I've read so far.

------
mike_hock
"Half-implemented feature" is so awesome for plausible deniability. You can
leave blatant security holes in and be like, "yeah, I never got around to
fixing that since we stopped developing the feature," when elsewhere those
flaws would be suspected of being an intentional backdoor.

~~~
Kristine1975
Perhaps even leave a comment: _TODO: FIXME_

