wireshark: yet another pile of dissector flaws

I agree, the way I worded it sounds like a false dichotomy. I hate to oversimplify but I also did't want to write a book on large scale project management.

> it makes sense to work on infrastructure to limit the amount of damage that can be done by a malfunctioning decoder, by sandboxing or by providing a safe implementation toolkit

Not if you want to ship anything this decade. How many man-hours have been sunk into Chrome's sandboxing? (and they're still working on it). How many resources does Wireshark have compared to Chrome?

I also want my soldering iron hot and my kitchen knives sharp. This means that they must all be used with training and caution. Sure, I would dearly love safer tools but, so far, this is the best that the experts have managed with the resources they had.

And it's really not that bad.