In response to the recent POODLE vulnerability in SSLv3, I have disabled SSLv3 support in anything of mine which speaks SSL/TLS. All connections are running TLSv1.
Oct 16, 2014 - 1 min read
1f j00 R R34d1N 7h12 m3m0ry j00 R pWN3D
Another huge blunder this week in the ubiquitous OpenSSL library secadv. This one’s called Heartbleed. You can easily check if your services are vulnerable at filippo.
Apr 10, 2014 - 4 min read
When learning programming, beginners are always taught that goto’s are dangerous. They are dangerous because of their syntax. A missed colon or semi colon can mean a vastly different program flow.
Mar 9, 2014 - 1 min read
This page is outdated. Please use the Mozilla SSL Configuration Generator to generate a secure configuration. The SSL/TLS Protocol versions, and Ciphers have never really been an item which people configured very tightly.
Jan 12, 2014 - 1 min read