| >Did you try to contribute to Chromium and Firefox to speed up fixing the Logjam issue? No. The issue isn't that it's (so) hard to fix; the fix in 39 has been out for a while, they just didn't want to release it for the stable release, which means few people got it. (In fact, some distros apparently fixed their versions earlier [1]). On Firefox, you could manually fix it in 2 minutes [2] I'm not familiar with the codebases, so it would take me longer to make a patch, but it really should not take 2 months to release to stable a fix that affected 8.4% [3] of popular websites, especially for a company like Google. The tinfoil hat in me says certain things about this, considering that logjam was likely known by the NSA, but then again I can't prove anything. I'm a bit surprised there hasn't been more talk about this, actually. A major security hole going unfixed for months after public disclosure should have had more chatter. [1] https://news.ycombinator.com/item?id=9702061
[2] http://techdows.com/2015/05/how-to-make-firefox-browser-safe...
[3] https://weakdh.org/ |