El 13/04/14 14:01, Big Fred escribió: > It was just demonstrated a few short days ago that the open source OpenSLL > had an included vulnerability (Heartbleed) that made a huge number of > websites hackable, including the ability to decrypt all SSL traffic by making > the server's private key accessible to hackers. The claim that open source > guarantees security was glaringly proven to be untrue. You are comparing a vulnerability (intended or not) with Mozilla allowing someone to introduce a hack to list people who visit Christian sites.
Yes, someone can try to introduce that malicious code, but not Mozilla as an organisation. That rationale can be applied to any kind of malicious code someone would like to introduce in Firefox, including any national security agencies. Open source allows anyone to be able to (sooner or later) detect it. In any case, talking about hypothetical cases here don't help to stay on topic with the situation we are trying to clarify. Regards. -- Rubén Martín [Nukeador] Mozilla Reps Mentor http://www.mozilla-hispano.org http://twitter.com/mozilla_hispano http://facebook.com/mozillahispano
signature.asc
Description: OpenPGP digital signature
_______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
