from the leave-your-comment-in-the-form-of-an-exploit dept.
dwheeler (321049) writes "Heartbleed was bad vulnerability in OpenSSL. My article How to Prevent the next Heartbleed explains why so many tools missed it... and what could be done to prevent the next one. Are there other ways to detect these vulnerabilities ahead-of-time? What did I miss?"
The first time, it's a KLUDGE! The second, a trick.
Later, it's a well-established technique!
-- Mike Broido, Intermetrics