|go ahead... be a heretic|
This process is called "responsible disclosure".
The patches mitigating CVE-2013-1667 are all public.
The patches are public; but whether they actually address the perceived problem -- nor even if the perceived problem is actually a problem -- cannot be determined without knowing what the problem is.
The only code which is not public is the code which demonstrates a key-discovery attack on perls old hash function,
Easily reproduced with a 20 line script. It is running now:
You do not know what you are talking about
Actually, I do. As you will find out.
With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.