Forgot your password?
typodupeerror

Comment: Re:I would think (Score 1) 379

by machine321 (#46799267) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

- If a change is security related, and obviously needed, then why wasn't it made earlier? Didn't that make a mockery of all the "many eyes" arguments oft touted in favor of Open Source?

"Many eyes" rarely helps; you need to get the right eyes to look at a bug. If you follow vulnerabilities, you'll notice a handful of people find most of the bugs. The main advantage of open source is that the code is available for those eyes to view.

Comment: Re:I would think (Score 2) 379

by machine321 (#46799239) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

Does OpenVMS still require the byzantine workarounds that were in OpenSSL, or can it compile modern software without substantial changes?

I think part of the problem is that the OpenSSL developers are publishing code paths that they never test; this was tedu@'s original frustration when trying to disable the OpenSSL internal memory management; there was a knob to turn that nobody had tested, and the code was too hard to read to make the bug obvious.

If there's a demand for OpenVMS SSL libraries, they obviously can continue to use OpenSSL, or someone can re-port this new SSL library.

Comment: Re:Upate to the most current (Score 1) 241

by machine321 (#45562751) Attached to: New Windows XP Zero-Day Under Attack

That is not correct. Win8 will install just fine, but all the Modern UI apps will refuse to start. Which no one runs anyway.

I stand corrected. I don't recall why I thought that, maybe I listened to the Upgrade Assistant. Is anything missing from the OS with Modern UI disabled? Perhaps low-resolution screens are a feature...

Comment: Opposite problem (Score 1) 465

by machine321 (#45552705) Attached to: Ask Slashdot: Why Are Tech Job Requirements So Specific?

I recently hired a security analyst at my company. I had the opposite problem; almost everyone I interviewed worked at larger companies, and only had narrow experience with specific software products. I was looking for (and eventually found) someone who was more of a generalist "hacker" type. I don't really care if you've used X antivirus and Y SIEM for ten years because that's what your boss purchased, I care how you solve problems.

Old programmers never die, they just branch to a new address.

Working...