Even though *this* hole is huge, the ratio of attack-surface-exposed to security... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Shish2k on April 9, 2014 \| parent \| context \| favorite \| on: Heartbleed Even though this hole is huge, the ratio of attack-surface-exposed to security-gained from SSL is still in general worth it; you'd be throwing the baby out with the bathwater to disable encryption entirely IMO For comparison, would you avoid having a web server (or roll your own) because of CodeRed?

mikeash on April 9, 2014 [–]

I would say that something like Code Red is an argument against putting up a web server when you don't need it and it provides no direct advantages to you, just out of some idea that increasing the overall amount of web traffic is good.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact