Yes. Otherwise you get the Debian SSL bug. https://www.schneier.com/blog/archive... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		DanBC on May 2, 2014 \| parent \| context \| favorite \| on: Common LibreSSL porting mistakes Yes. Otherwise you get the Debian SSL bug. https://www.schneier.com/blog/archives/2008/05/random_number...

clarry on May 2, 2014 [–]

If anything, battle testing failed to catch that bug.

Some other form of testing could've caught it. Careful code review could've caught it.

Battle testing evidently has failed to catch many of the OpenSSL bugs that have been fixed in LibreSSL.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact