On Sun, 11 Jun 2017 03:58:30 +0300 Ivan Kalvachev <ikalvac...@gmail.com> wrote:
> Of course, as FFmpeg developer, it is your right to initiate a vote > that would prevent Michael from trying to make FFmpeg more secure. > He has always complied with official decisions. Nothing but polemic nonsense intended to scare others into having your way. If our code is so tricky that nobody can understand it or the intention behind code (like types being simultaneously signed and unsigned), it won't have a positive influence on the security of the code. If you really want to make code more secure, you should probably think about making code _simpler_, nor more complex. > However this might turn into publicity nightmare, > as security community is known to overreact > on certain topics. That too. The security community in particular seems to be full of individuals who will gladly misrepresent risks to get attentions, and companies doing the same to sell their "security" products. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
