On Sun, Oct 12, 2014 at 05:35:15PM -0700, coderman wrote: > On 10/5/14, Georgi Guninski <[email protected]> wrote: > > ... > > ok, i won't argue :) > > > one last beating of this dead horse: > > "The recommended practice of blowing away the environment before > calling a shell goes back to Garfinkel & Spafford's 1991 seminal
lol, look at the warez almost all people are using. if you follow all such advices you'd better not power it on. note to myself: stay away from forks of this thread... > Practical Unix Security (or at least the 1996 2nd ed., Practical Unix > & Internet Security). It's in there TWICE it is so basic." > - https://docstrange.livejournal.com/95142.html > > also relevant, > "Dear clueless assholes: stop bashing bash and GNU... You people are > pieces of shit. I am disgusted..." > - https://weev.livejournal.com/409835.html > > "These bugs that happen, these mistakes in software that lead to > vulnerabilities, they aren’t one-off problems. They’re systemic. There > are patterns to them and patterns to how people take advantage of > them. But it isn’t in any one particular company’s interest to dump a > pile of their own resources into fixing even one of the problems, much > less dump a pile of resources into an engineering effort to fight the > pattern... They’ve got even less incentive to fix entire classes of > vulnerabilities across the board. Same goes for everybody else in the > game... it’s worse than a tragedy of the commons, it’s a race to the > bottom." > - > https://medium.com/message/how-i-explained-heartbleed-to-my-therapist-4c1dbcbe1099
