aisarka comments on My Heartbleed learning experience and alternative to poor quality Heartbleed instructions. - Less Wrong

14 Post author: aisarka 15 April 2014 08:15AM

Comments (31)

Comment author: aisarka 15 April 2014 09:15:33AM 3 points

I have had not a single email from any of them about Heartbleed

This delayed my finding out about it. I discovered later that most of them had posted their notice someplace a little out of the way - on some blog that's not even under their main domain name (Google did this and I think Microsoft may have done it), or in a little "news" box that you only see after signing in to the website. I don't know what immunized me against the instinct to write it off as a hoax. Perhaps it was all of the security literature I've read and my daily experiences that have informed me that security is difficult and that flawed code can easily be written by accident.

Comment author: wedrifid 15 April 2014 11:11:51PM 1 point

This delayed my finding out about it. I discovered later that most of them had posted their notice someplace a little out of the way

This seems like a good strategy (for them). Answer the questions of those who have security concerns without drawing negative attention to yourself among naive customers.