1. 2
  1.  

  2. 1

    Google could easily throw a pile of engineers at fixing OpenSSL, but it’d never be in their interest to do it, because they’d be handing Facebook and LinkedIn and Amazon a pile of free money in unspent remediation costs

    This is a strange thing to say, in light of the fact that it was a Google engineer who found heartbleed. Not to mention boringssl.