Sign up to save your podcasts
Or
Share Episode 348 - OpenSSL is the new lead paint
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 348 - OpenSSL is the new lead paint
Josh and Kurt talk about the recent OpenSSL nothingburger. OpenSSL got everyone whipped into a frenzy over a critical vulnerability, then changed the severity to high. The correct solution to this whole problem is to stop using a TLS library written in C, we need to be using memory safe languages. Don't migrate from OpenSSL 1 to 3, migrate from OpenSSL 1 to Rustls.
Show Notes- OpenSSL Blog Post
- OpenSSL pre-announcement
- Mark Cox Tweet 3.0 only affected
- GossiTheDog NDA Tweet
- Claims of a name and logo
- Rustls
Image Credit
View all episodes
By Josh Bressers
4.7
4040 ratings
Josh and Kurt talk about the recent OpenSSL nothingburger. OpenSSL got everyone whipped into a frenzy over a critical vulnerability, then changed the severity to high. The correct solution to this whole problem is to stop using a TLS library written in C, we need to be using memory safe languages. Don't migrate from OpenSSL 1 to 3, migrate from OpenSSL 1 to Rustls.
Show Notes- OpenSSL Blog Post
- OpenSSL pre-announcement
- Mark Cox Tweet 3.0 only affected
- GossiTheDog NDA Tweet
- Claims of a name and logo
- Rustls
Image Credit
More shows like Open Source Security
View all
Hacked
186 Listeners
The Changelog: Software Development, Open Source
287 Listeners
Security Now (Audio)
2,006 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
LINUX Unplugged
270 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,025 Listeners
Late Night Linux
164 Listeners
Smashing Security
319 Listeners
Darknet Diaries
8,073 Listeners
Hacking Humans
315 Listeners
Defense in Depth
73 Listeners
2.5 Admins
98 Listeners
Risky Bulletin
44 Listeners