
Comment Re:for a library... (Score 2) 447

And what languages are these languages themselves written in? At some point you're working with something written in C, C++ or assembler, and if those languages are dangerous to directly write apps in, then surely they must be equally dangerous to write the compilers and platforms on which your non-VM language runs.

At some point it's turtles all the way down. By writing in some other language, you're putting your faith in the people writing the interpreters, VMs and/or compilers, and in many cases those developers are little different than the unfortunate fellow that introduced this particular vulnerability into OpenSSL.

Comment Re:for a library... (Score 4, Insightful) 447

Moving away from C just means you now have to have faith in some bytecode virtual machine's memory and buffer management. Is it a more secure approach? Maybe, but if the root complaint is putting faith in complex software, coding in Java or some .NET language means trusting the people coding those engines are equally capable of screwing up. All these higher level virtual machines and interpreters are ultimately written in C.

Comment Re:Test servers your self with PoC (Score 1) 301

I know my webservers are all good, because they're linking against openssl 0.9.8. I just managed to confirm that Debian Squeeze's stock OpenVPN package links to the 0.9.8 library as well, and isn't statically linked, so, so far as I understand the vulnerability, there's no chance I was compromised.

It does indeed pay, on occasion, to stick with older versions. I had actually been looking to upgrade my VPN gateways to Wheezy a few months ago, and am rather glad I didn't.

Comment Re:where is the controversy? (Score 1) 642

What? Hebrew is a West/Central Semitic language, and Akkadian was an East Semitic language (there is no extant East Semitic language spoken today). Hebrew was a dialect of Canaanite, and closely related to the Phoenician language. Both Phoenician and Hebrew were written in alphabetical scripts that cribbed a good deal of Egyptian writing.

Nothing you wrote was right.

Comment Re:When comments... (Score 5, Insightful) 301

As much as Theo can be an utter and insufferable prick, on this score he's right. This was an insanely trivial error which has exposed who knows how many systems to potential breaches. Right now I'm starting up a full audit of our systems. We use OpenVPN for our interoffice WAN, as well as for clients; many of them Windows, iOS and Android clients, not to mention reviewing all our *nix clients running SSH daemons. We're only a relatively small operation, and it's still a monumental pain in the ass.
