Ask HN: Is Heartbleed a good argument for using closed source?
We know that websites hosted on e.g. the MS tech stack are basically unaffected by Heartbleed due to their having their own implementation rather than OpenSSL. Even if such a vulnerability exists it is hard to find in source code that isn't publicly available - i'm not sure if thats an argument for or against - or perhaps part of both. The counter of course is that such vulnerabilities are less likely to be discovered (and therefore quickly fixed). Thoughts?
4 comments
[ 3.2 ms ] story [ 22.3 ms ] threadThat is a good idea IMO. :)