Hi. On Sun, Mar 10, 2019 at 05:13:35PM +0000, Joe wrote: > On Sun, 10 Mar 2019 19:35:18 +0300 > Reco <recovery...@enotuniq.net> wrote: > > On Sun, Mar 10, 2019 at 04:32:42PM -0000, Curt wrote: > > > > > > > > I thought he was saying the surest approach is not touching Windows > > > with a ten foot pole, > > > > You're aiming too low. Not touching any non-free OS with a ten foot > > pole would be much more like it. > > > > > While bearing in mind that 'free' doesn't mean 'problem-free'. > > Remember how many people audited the Heartbleed code before it was > released?
And that's why security is a process, not a state. CVE-2014-0160 was fixed upstream days after the discovery, but it took certain software vendors almost a year to fix openssl 'bundled' with their 'software products'. Reco
