Meet LibreSSL
Nov 20,
2014
The SSL/TLS protocol suite is critical for Internet security. Unfortunately, it’s one of those things that’s nice in theory but messy in practice. Good news — a very promising project is bringing help! We commonly say that we use SSL to secure Internet activity. However, that statement taken literally is very out of date! We […]
cryptography,
Dual_EC_DRBG,
ECC,
elliptic curve cipher,
Heartbleed,
LibreSSL,
linux,
open source,
OpenBSD,
OpenSSL,
Poodle,
secure design,
secure programming,
SSL,
TLS
Patch Bash Now, Shellshock Exploits Are Widespread
Oct 14,
2014
I was recently doing some work at a Major Financial Institution when I overheard two systems engineers comparing notes: “I have to install that Bash shell patch on my servers by the end of next month.” “Hah! My servers don’t have to have it until the end of the month after that! Guys, please. Patch […]
