Related topics

Today's bugs have BRANDS? Be still my bleeding heart [logo]

Code-slinger Verity reviews the rash of groovy-named open-source security vulns

The Flensing of C

The Heartbleed fiasco and its antecedents have cast doubt on the famous golden ratio of eyeball to bug that open source allegedly offers.

Perhaps because I find cryptographic code deeply dull, I have always been sceptical of this claim. It seems to me that the only folks properly motivated to pore over the inner details of SSL are those naughtily looking for a vulnerabilities. Everybody else just mutters 'looks ok to me' and carries on squeezing their blackheads.

But now that I have myself invested nearly quarter of an hour of personal eyeball time with this supposedly well-inspected code, I have come to a different conclusion. No bug is shallow if it lives in a bug-camouflaging environment. It really is time that C was abandoned as the automatic choice for this work. Its use just sets up these failures.

OpenBSD is essaying a grand rewrite of OpenSSL called LibreSSL. They say their first task is to 'flense' the code. If this were to include using C++ to get a teensy bit of type safety, and stopping the antediluvian practice of depending on goto statements for resource protection, then I would overlook the ghastly verb flense in the expectation that our electronic secrets could enjoy a little more privacy in their cloudy nests. ®

Sponsored: 5 critical considerations for enterprise cloud backup