> It is impossible to prevent the next heartbleed, no one can predict the future... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		naasking on Jan 19, 2022 \| parent \| context \| favorite \| on: How to Prevent the Next Heartbleed (2020) > It is impossible to prevent the next heartbleed, no one can predict the future. I think that's a little strong. Verify code using theorem provers and such vulnerabilities are all but impossible. But yes, prepare for the worst anyway.

oddlama on Jan 19, 2022 [–]

Then the next heartbleed could be a sidechannel not covered in your theorem. Better prepare in any case.

naasking on Jan 19, 2022 | [–]

Side channels are indeed a tough problem, but if all we have to worry about is side channel attacks, we'd be in a pretty good place overall. We're nowhere near that right now.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact