Thinking Elixir Podcast

64: OTP Certificate Woes with Bram Verburg

Listen Later

We talk with Bram Verburg about an important root certificate expiring at the end of September and how this impacts your Elixir and Erlang projects! Bram helps explain where this IS and IS NOT a problem. He also explains the different update options available. We also get Bram’s security perspectives from his years of focused study and contributions in the Elixir and Erlang communities. A great resource for understanding the current certificate situation and for protecting your Elixir projects!

Show Notes online - http://podcast.thinkingelixir.com/64

Elixir Community News

  • https://github.com/elixir-nx/explorer – New Elixir-Nx project called Explorer released
  • Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
  • https://twitter.com/cigrainger/status/1433934973682139139 – Twitter announcement of Explorer
  • https://github.com/hauleth/mix_unused – mix_unused is a compiler tracer for detecting unused public functions.
  • https://hexdocs.pm/prom_ex/readme.html – PromEx sees a new 1.4.x release
  • https://github.com/erlang/rebar3/releases/tag/3.17.0 – Rebar had a new release 3.17.0
  • https://github.com/woylie/ecto_nested_changeset – Ecto Nested Changeset project
  • https://github.com/elixir-ecto/ecto/pull/3731 – Discussion that lead to pulling out as a separate library

    • Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at [email protected]

    Discussion Resources

    • https://blog.voltone.net/post/29 – Initial post describing the problem
    • https://blog.voltone.net/post/30 – Updates and mitigation recommendations
    • https://www.youtube.com/watch?v=0jzcPnsE4nQ – Learn you some 'ssl' for much security! - ElixirConfEU 2019
    • https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets
    • https://blog.voltone.net/post/27 – CVE-2020-35733 discovered in December
    • https://blog.voltone.net/post/28
    • https://www.youtube.com/watch?v=r0DuAse9tK8
    • https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/
    • OTP 24.0.4 and later is good
    • OTP 23.3.4.6 and later is good
    • https://github.com/dlesl/erqwest
    • https://hex.pm/packages/mint
    • https://xkcd.com/927/ – The referenced XKCD comic
    • https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/
    • https://github.com/elixir-mint/mint/pull/328
    • https://blog.voltone.net/post/28
    • https://blog.voltone.net/post/27
    • https://en.wikipedia.org/wiki/Heartbleed
    • https://istio.io/
    • https://hex.pm/packages/hackney
    • https://hex.pm/packages/finch
    • https://blog.voltone.net/

      • Guest Information

      • https://twitter.com/voltonez – on Twitter
      • https://github.com/voltone/ – on Github
      • https://blog.voltone.net/ – Blog

        • Find us online

        • Message the show - @ThinkingElixir
        • Email the show - [email protected]
        • Mark Ericksen - @brainlid
        • David Bernheisel - @bernheisel
        • Cade Ward - @cadebward
          • ...more
          View all episodesView all episodes
          Download on the App Store
          Thinking Elixir PodcastBy ThinkingElixir.com
          • 4.9
          • 4.9
          • 4.9
          • 4.9
          • 4.9

          4.9

          32 ratings

          More shows like Thinking Elixir Podcast

          View all
          Hanselminutes with Scott Hanselman by Scott Hanselman

          Hanselminutes with Scott Hanselman

          377 Listeners

          Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

          Software Engineering Radio - the podcast for professional software developers

          272 Listeners

          The Changelog: Software Development, Open Source by Changelog Media

          The Changelog: Software Development, Open Source

          283 Listeners

          Talk Python To Me by Michael Kennedy

          Talk Python To Me

          592 Listeners

          Software Engineering Daily by Software Engineering Daily

          Software Engineering Daily

          624 Listeners

          Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

          Syntax - Tasty Web Development Treats

          982 Listeners

          REWORK by 37signals

          REWORK

          211 Listeners

          CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

          CoRecursive: Coding Stories

          189 Listeners

          Elixir Mix by Charles M Wood

          Elixir Mix

          13 Listeners

          Elixir Wizards by SmartLogic LLC

          Elixir Wizards

          22 Listeners

          The Stack Overflow Podcast by The Stack Overflow Podcast

          The Stack Overflow Podcast

          64 Listeners

          Beam Radio by Lars Wikman

          Beam Radio

          11 Listeners

          Oxide and Friends by Oxide Computer Company

          Oxide and Friends

          47 Listeners

          Elixir Mentor by Jacob Luetzow

          Elixir Mentor

          2 Listeners

          The Pragmatic Engineer by Gergely Orosz

          The Pragmatic Engineer

          52 Listeners