Slashdot videos: Now with more Slashdot!
My objection is limited to these nonsense assertions usage of operating system allocator would have meaningfully mitigated heartbleed vulnerability.
OpenBSD's malloc has many security features, including use-after-free detection. OpenSSL's custom memory management nullified all that.
Finally, let me add that this problem has nothing to do with openness, open-source, or fragmentation.
Well it's kind of related to fragmentation, because even if Google fixed all the bugs ever it would mean fuck all as long as the device manufacturers refuse to update their devices.