Open Source Security

By Josh Bressers

OpenSSL is the new lead paint

=> 🔊 Play episode (33 min) | Direct episode link | 💬 Share episode

Published November 06, 2022 6:00pm

Josh and Kurt talk about the recent OpenSSL nothingburger. OpenSSL got everyone whipped into a frenzy over a critical vulnerability, then changed the severity to high. The correct solution to this whole problem is to stop using a TLS library written in C, we need to be using memory safe languages. Don't migrate from OpenSSL 1 to 3, migrate from OpenSSL 1 to Rustls. Show Notes OpenSSL Blog Post OpenSSL pre-announcement Mark Cox Tweet 3.0 only affected GossiTheDog NDA Tweet Claims of a name and logo Rustls

Image Credit

=> Return to podcast

Proxy Information

Original URL: gemini://rocketcaster.xyz/episode/11218768387
Status Code: Success (20)
Meta: text/gemini
Capsule Response Time: 4921.413574 milliseconds
Gemini-to-HTML Time: 2.60285 milliseconds

This content has been proxied by September (ba2dc).