Patrick Figel 🐣 is a user on mastodon.at. You can follow them or interact with them if you have an account anywhere in the fediverse.
If you don't, you can sign up here.
Oh for fuck's sake, OpenSSL. Just when I was starting to think they'd finally gotten their shit together
@pfigel @angristan Timing attacks are pretty nasty. If all the CPU makers were not able to avoid them, I'll be the last to blame this hugely underfunded, compared to their importance, project.
@steelman @angristan definitely don't blame them for the bug existing at all, but refusing to fix until an exploit is available is not what I'd be hoping for from them post-Heartbleed, especially considering a fork with even less backing managed to fix it right away
@pfigel @steelman @angristan It seems nreasonable, but… yes, it seems unreasonable.