'Re: Heartbleed'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-user
Subject:    Re: Heartbleed
From:       Slavko <linux () slavino ! sk>
Date:       2014-04-16 21:43:40
Message-ID: 20140416234340.288de3f4 () bonifac ! skk
[Download RAW message or body]

Ahoj,

Dňa Tue, 15 Apr 2014 22:32:26 -0500 Bill Wood
<william.wood3@comcast.net> napísal:

> I've been following this thread since it started, as well as some
> other Internet sites that have been mentioned, and I have noticed that
> everyone talks about the impact on the financial services sector but
> no one has mentioned the health care information sector.  I

Not everyone ;-) My bank had no problem with this, my hospital uses
standard papers...

I am talking about encryption and the F/OSS in general and i have my
privacy in the mind. Here exists a lot of people int today world, which
tell, that they have nothing to hide. But i don't want to share my
privacy with others. I want, that my small home server to remain my
(administration) and when i encrypt something, i want to nobody smile
from me (and my public secrets). And i am talking about my fears from
near future...

I expect, that critical applications (openssl, gpg, ssh, gnutls, etc)
will not contain these mistakes, and if something similar happens again
(because yes - mistakes happens), then discovering these mistakes will
not take years, but days or weeks...

I cannot contribute. I am not a crypto expert, nor the C expert (nor
any other language). I am regular user (perhaps more than regular,
but in software usage), i have no spare money to sponsor them. I can
(and i do it) contribute on another parts (translating, package
management, etc), but i cannot help with code or code reviews.

Is it a my mistake, that i cannot help with this? Am i expecting a
lot? Need i switch to proprietary software (yes, i know, that is no
solution)?

And there is one crucial question. There was debian's patches, gnutls
mistakes, gnupg mistakes in last years. Now there was a openssl problem.
The crucial question is: What will be next? What need to happen, in
order to things changes?

I am sorry, that i am sharing my frustration...

regards

-- 
Slavko
http://slavino.sk

["signature.asc" (application/pgp-signature)]
-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/20140416234340.288de3f4@bonifac.skk


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic