More eyeballs usually do make bugs more shallow, but only if the eyes know what to look for.
And only if a significant number of sophisticated and knowledgeable eyes have the time and interest to dig through lines and lines of code looking for vulnerabilities.
The reality is that the majority of eyeballs looking at code are the ones that have other reasons to be looking at it. They aren't necessarily looking for vulnerabilities but maybe they spot something.
The eyes that might be interested in scouring code looking for vulnerabilities could be the ones wanting to exploit them rather than fix them.
This bug would have been utterly trivial to detect when introduced had the OpenSSL developers bothered testing with a normal malloc (not even a security focused malloc, just one that frees memory every now and again). Instead, it lay dormant for years until I went looking for a way to disable their Heartbleed accelerating custom allocator.
it's a very good read.
Fuck Netflix too. We know that telco's are evil. You've just given them a big win, and a taste for blood.
Thanks for nothing, Netflix. You broke the Internet. We won't forget this.
I cannot seem to find which direction it is? North? East? West? South? I hope to see it from east of L.A. with its light pollutions.
"you can walk around outdoors without electric lights even when there's no moon."
I doubt that you can do that comfortably if there are trees blocking the little star light that's available or if it's a bad road surface combined with you not wearing rugged boots.
Apart from that, especially women don't feel comfortable going around in dark places where they perceive that there can be rapists hiding in the dark.
Happiness is twin floppies.