@bascule that's still a better track record than OpenSSL since the fork.
@MiodVallat still worse than BoringSSL
@bascule but BoringSSL is only intended to cover Chromium needs. Also, I am not sure it is worse, some CVEs were fixed in Libre before Boring
@MiodVallat https://tinyurl.com/tlsundersiege LibreSSL removed cruft, BoringSSL added systematic length checks
@bascule LibreSSL added length checks too. Apparently not enough. But you cannot sum up LibreSSL as simply removing stuff.
@MiodVallat yeah I shouldn't be too harsh I guess, you're both doing better than upstream ;)
@bascule there is still a long road of bugs to fix, unfortunately.
@bascule @TheColonial who would have thought. Crypto can be hard!
@g4rb0 @TheColonial and we're losing on the easy stuff, not the crypto
@bascule @postmodern_mod3 Banner ad synchronicity. pic.twitter.com/6cW025zewk
@bascule Loss of CVE virginity. You never forget your first one.
@bascule it's very difficult work, all the more so given the major refactoring underway in OpenSSL v 1.1, eg: https://github.com/openssl/openssl/commits/master …
@kennwhite @bascule wow, loving @RichSalz work removing unsupported platforms! The ifdefs make following the code painful in 1.0.1