> Heartbleed was in openssl... What does it have to do with openssh ? Exactly. I... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

traceroute66 on Oct 24, 2022 | parent | context | favorite | on: Security through obscurity is underrated (2020)

> Heartbleed was in openssl... What does it have to do with openssh ?

Exactly.

I can't speak for Log4J as I have no experience, but I do know that anyone sensible agrees that OpenSSL is a pile of bloated dog poo.

OpenSSH, as I've already said, is written by the OpenBSD crew. They have a track record of having OCD about writing secure and correct software.

dumpsterdiver on Oct 24, 2022 [–]

Okay, so are they going to live forever and keep writing impeccable software for eternity? What happens when they tire of their immortality, and decide to pass the torch?

remram on Oct 24, 2022 | [–]

Then we'll stop using it? On any port number?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact