Re: [SystemSafety] OpenSSL Bug

From: Patrick Graydon < >
Date: Fri, 11 Apr 2014 18:07:35 +0200

On 11 Apr 2014, at 17:45, Ian Broster <ianb_at_xxxxxx

> Part a) If you want people to assume some liability for how SOMEONE ELSE USES their software, then you're going to have to pay an awful lot more for your software.

There is a difference between taking on full liability for what anyone else does with software and taking responsibility for not exposing users to unreasonable and undisclosed risk.

I donít expect vendors to predict *every* threat. But we are talking about SSL here. It is beyond question that the vendors know that someone might try to break the encryption to steal the information that is being made secrete.

I donít expect vendors to consider *all* potential forms of vulnerability. But given the history of security vulnerabilities, it is equally beyond question that an unchecked input risks facilitating that theft.

I also donít expect *perfection* in the defence against every kind of attack. But some basic analyses, coding precautions, and testing of forms that were standard for other critical software decades ago doesnít strike me as particularly unreasonable considering the massive potential for damage.

In short, this was a predictable threat and a known form of attack and could have been prevented with techniques that were clearly warranted given what was known about risk. There is zero excuse for not employing those techniques.

ó Patrick



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Fri Apr 11 2014 - 18:07:50 CEST

This archive was generated by hypermail 2.3.0 : Sat Feb 23 2019 - 01:17:06 CET