Thinking Elixir Podcast

64: OTP Certificate Woes with Bram Verburg

Listen Later

We talk with Bram Verburg about an important root certificate expiring at the end of September and how this impacts your Elixir and Erlang projects! Bram helps explain where this IS and IS NOT a problem. He also explains the different update options available. We also get Bram’s security perspectives from his years of focused study and contributions in the Elixir and Erlang communities. A great resource for understanding the current certificate situation and for protecting your Elixir projects!

Show Notes online - http://podcast.thinkingelixir.com/64

Elixir Community News

  • https://github.com/elixir-nx/explorer – New Elixir-Nx project called Explorer released
  • Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
  • https://twitter.com/cigrainger/status/1433934973682139139 – Twitter announcement of Explorer
  • https://github.com/hauleth/mix_unused – mix_unused is a compiler tracer for detecting unused public functions.
  • https://hexdocs.pm/prom_ex/readme.html – PromEx sees a new 1.4.x release
  • https://github.com/erlang/rebar3/releases/tag/3.17.0 – Rebar had a new release 3.17.0
  • https://github.com/woylie/ecto_nested_changeset – Ecto Nested Changeset project
  • https://github.com/elixir-ecto/ecto/pull/3731 – Discussion that lead to pulling out as a separate library

    • Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at [email protected]

    Discussion Resources

    • https://blog.voltone.net/post/29 – Initial post describing the problem
    • https://blog.voltone.net/post/30 – Updates and mitigation recommendations
    • https://www.youtube.com/watch?v=0jzcPnsE4nQ – Learn you some 'ssl' for much security! - ElixirConfEU 2019
    • https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets
    • https://blog.voltone.net/post/27 – CVE-2020-35733 discovered in December
    • https://blog.voltone.net/post/28
    • https://www.youtube.com/watch?v=r0DuAse9tK8
    • https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/
    • OTP 24.0.4 and later is good
    • OTP 23.3.4.6 and later is good
    • https://github.com/dlesl/erqwest
    • https://hex.pm/packages/mint
    • https://xkcd.com/927/ – The referenced XKCD comic
    • https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/
    • https://github.com/elixir-mint/mint/pull/328
    • https://blog.voltone.net/post/28
    • https://blog.voltone.net/post/27
    • https://en.wikipedia.org/wiki/Heartbleed
    • https://istio.io/
    • https://hex.pm/packages/hackney
    • https://hex.pm/packages/finch
    • https://blog.voltone.net/

      • Guest Information

      • https://twitter.com/voltonez – on Twitter
      • https://github.com/voltone/ – on Github
      • https://blog.voltone.net/ – Blog

        • Find us online

        • Message the show - @ThinkingElixir
        • Email the show - [email protected]
        • Mark Ericksen - @brainlid
        • David Bernheisel - @bernheisel
        • Cade Ward - @cadebward
          • ...more
          View all episodesView all episodes
          Download on the App Store
          Thinking Elixir PodcastBy ThinkingElixir.com
          • 4.9
          • 4.9
          • 4.9
          • 4.9
          • 4.9

          4.9

          32 ratings

          More shows like Thinking Elixir Podcast

          View all
          Software Engineering Radio by se-radio@computer.org

          Software Engineering Radio

          271 Listeners

          The Changelog: Software Development, Open Source by Changelog Media

          The Changelog: Software Development, Open Source

          289 Listeners

          Software Engineering Daily by Software Engineering Daily

          Software Engineering Daily

          625 Listeners

          Talk Python To Me by Michael Kennedy

          Talk Python To Me

          585 Listeners

          Thoughtworks Technology Podcast by Thoughtworks

          Thoughtworks Technology Podcast

          43 Listeners

          Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

          Syntax - Tasty Web Development Treats

          988 Listeners

          REWORK by 37signals

          REWORK

          210 Listeners

          CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

          CoRecursive: Coding Stories

          190 Listeners

          Elixir Wizards by SmartLogic LLC

          Elixir Wizards

          22 Listeners

          The Stack Overflow Podcast by The Stack Overflow Podcast

          The Stack Overflow Podcast

          63 Listeners

          Signals and Threads by Jane Street

          Signals and Threads

          72 Listeners

          Beam Radio by Lars Wikman

          Beam Radio

          11 Listeners

          Oxide and Friends by Oxide Computer Company

          Oxide and Friends

          62 Listeners

          Elixir Mentor by Jacob Luetzow

          Elixir Mentor

          4 Listeners

          Limitless Podcast by Limitless by Bankless

          Limitless Podcast

          75 Listeners