Slashdot Mirror


OpenSSL 1.0.2 Released

kthreadd writes The OpenSSL project has released its second feature release of the OpenSSL 1.0 series, version 1.0.2 which is ABI compatible with the 1.0.0 and 1.0.1 series. Major new features in this release include Suite B support for TLS 1.2 and DTLS 1.2 and support for DTLS 1.2. selection. Other major changes include TLS automatic EC curve selection, an API to set TLS supported signature algorithms and curves, the SSL_CONF configuration API, support for TLS Brainpool, support for ALPN and support for CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.

97 comments

  1. Crazy by Anonymous Coward · · Score: 0

    Is this. You are STILL owned at any time by those who you will never see.

  2. libressl-2.1.3 by Anonymous Coward · · Score: 2, Informative
    1. Re:libressl-2.1.3 by Anon+E.+Muss · · Score: 5, Insightful

      libressl is NOT portable. Supporting BSD and Linux is not the definition of "portable" (see also: "We play both types of music: Country and Western"). The libressl code depends on the non-standard #include_next preprocessor directive, so it can only build with GCC (and probably clang, which emulates many GCC-isms). Forget about building on Windows using Microsoft's C compiler.

      OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

      --
      The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
    2. Re:libressl-2.1.3 by ron_ivi · · Score: 3, Insightful

      NOT portable .... Forget about building on Windows using Microsoft's C compiler.

      Just because one compiler for one platform fails to support a popular C extension doesn't mean the library isn't portable.

      You can always choose to compile on that platform using one of the compilers that *does* support the extension.

    3. Re:libressl-2.1.3 by Anonymous Coward · · Score: 0

      libressl supports pretty much any unix-like OS and I know there's a guy working on Windows support as well. What other OS do you want to see supported? DOS? VMS? I don't get your comments. libressl supports like 99.9999% of all systems out there.

    4. Re:libressl-2.1.3 by iggymanz · · Score: 0, Flamebait

      LibreSSL is portable, it can be built on Windows. You don't know what portable means, "being able to be compiled by Microsofts bloatware" is not the definition of portable, windows-fanboy.

    5. Re:libressl-2.1.3 by armanox · · Score: 5, Informative

      Actually, libressl supports OS X and HP-UX as well. Some groundwork is in place for supporting AIX and IRIX (I no longer have access to AIX to continue porting, and I'm not sure IRIX will ever work right). If you really wanted it to work with MSVC, you could write, test, and propose the patches to make it work. I'm all for eliminating GCCisms (the areas I've been poking at the code I'm not trying to eliminate GCCisms, not my priority).

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    6. Re:libressl-2.1.3 by armanox · · Score: 2

      I forgot Solaris in the supported list! Tested on Solaris 10-11.

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    7. Re:libressl-2.1.3 by Anonymous Coward · · Score: 0

      libressl is NOT portable. Supporting BSD and Linux is not the definition of "portable"

      It supports posix and can easily run on a posix OS with a minor wrapper for a few OS specific APIs. Windows can F off.

    8. Re:libressl-2.1.3 by MSG · · Score: 2

      OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike

      Kind of. Its license actually isn't compatible with the GPL, so there's a whole lot of Free Software developers that can't use it.

    9. Re:libressl-2.1.3 by peppepz · · Score: 5, Interesting

      OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

      We have GnuTLS which is only one year younger than OpenSSL, has a nicer API, is portable to Windows, has a better track record with regard to binary compatibility, a better build system, and can be used by commercial software (it’s LGPLv2.1). Comparison of features with other SSL libraries.

    10. Re:libressl-2.1.3 by Anonymous Coward · · Score: 0

      Or is it the GPL that isn't compatible?

      GPL developers can use an exception to their license if they want to use OpenSSL. Many do, even some GNU projects.

    11. Re:libressl-2.1.3 by Carewolf · · Score: 2

      OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

      We have GnuTLS which is only one year younger than OpenSSL, has a nicer API, is portable to Windows, has a better track record with regard to binary compatibility, a better build system, and can be used by commercial software (it’s LGPLv2.1). Comparison of features with other SSL libraries.

      It also has a much worse track record in security, which is why no one uses it as a primary SSL library and only as a library for operating on certificates.

    12. Re:libressl-2.1.3 by davydagger · · Score: 1

      Forget about building on Windows using Microsoft's C compiler.

      not my fault your shitty OS doesn't run our security tools. as far as GCC, GCC compiles for almost every platform under the sun, including windows. So the fact it doesn't compile with MS C is a moot point. heck, I can even cross compile for windoze in GNU/Linux

    13. Re:libressl-2.1.3 by Anonymous Coward · · Score: 1

      Care to provide any actual statistics for that claim, or are you just one of those annoying morons with a habit of being FUDsy against anything with "Gnu" in the name?

    14. Re:libressl-2.1.3 by dkf · · Score: 1

      I'm not sure IRIX will ever work right

      That matches my memory of trying to build things with the IRIX C compiler too, especially in 64-bit mode. Or were you talking about libressl specifically?

      --
      "Little does he know, but there is no 'I' in 'Idiot'!"
    15. Re:libressl-2.1.3 by armanox · · Score: 1

      I was referencing libressl in particular on this one. MIPS Pro, when set to c99, seems to handle most code that isn't bound to GCC with some exceptions. I'm building everything 32-bit here, so I can't speak for the 64 bit quirks. I'm also using GCC 4.7 for libressl, among other things that won't build right (php-5.6 and httpd-2.4 being the big ones on that particular box, I've built a lot of things on IRIX to bring stuff up to date though).

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    16. Re:libressl-2.1.3 by Carewolf · · Score: 1

      Care to provide any actual statistics for that claim, or are you just one of those annoying morons with a habit of being FUDsy against anything with "Gnu" in the name?

      No, I prefer GPL when other choices are equal. GnuTLS has just never had a very good reputation, and even from the most optimistic point of view, it has always been secondary to OpenSSL just by having fewer users and fewer developers. It would be great if it was better, but it has had some unfortunate design choices and a long string of serious vulnerabilities. Just look it up.

    17. Re:libressl-2.1.3 by Anon+E.+Muss · · Score: 1

      libressl supports pretty much any unix-like OS

      Oh good, both Country and Western.

      I know there's a guy working on Windows support as well.

      Let me know when the guy working on Windows support actually gets it working. Until then it doesn't count. And by "working", I mean working with the Microsoft toolchain, which like it or not, is the official and most widely used toolchain for Windows.

      --
      The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
    18. Re:libressl-2.1.3 by Anon+E.+Muss · · Score: 1

      Just because one compiler for one platform fails to support a popular C extension doesn't mean the library isn't portable.

      Except that the one platform is Windows, which accounts for the vast majority of desktop PC's and laptops, and a significant chunk of servers. And the one compiler is the standard for Windows, used by the vast majority of Windows developers.

      You don't have to like this, but it is the truth.

      In my opinion, any software that can't compile on Windows using the native toolchain doesn't qualify as "portable". That doesn't make it bad software. It just isn't "portable" software.

      --
      The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
    19. Re:libressl-2.1.3 by ron_ivi · · Score: 1

      one compiler is the standard for Windows

      That sounds like the source of the portability issues right there.

      Perhaps that OS vendor could encourage more compiler writers to support compilers for that platform.

  3. Obligatory reminder that an alternative exists by Rinisari · · Score: 2, Informative
    1. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 4, Interesting

      http://www.libressl.org/

      That site doesn't support SSL...

    2. Re:Obligatory reminder that an alternative exists by Aethedor · · Score: 4, Informative

      Why start with something bad to make something good. If you want a good SSL library, try PolarSSL. It's a quite unknown, but great library. Unlike OpenSSL, this one has good documentation. The Hiawatha webserver uses it and it easily gives me an A+ score at SSL labs.

      --
      It doesn't have to be like this. All we need to do is make sure we keep talking.
    3. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 0

      How is this not +5 Insightful yet?

    4. Re:Obligatory reminder that an alternative exists by TechyImmigrant · · Score: 5, Informative

      We tried contacting the PolarSSL developers about contributing code to fix their random number problem. No response. No random numbers -> no security.

      No matter what the security problem, it's always the random numbers, or lack thereof that is the problem.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    5. Re:Obligatory reminder that an alternative exists by ArchieBunker · · Score: 2, Informative

      SSL is broken anyhow. The feds have all the top level keys and can listen with impunity.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    6. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 0

      You're going to fix the 10s of thousands of programs due to the changed API?

    7. Re:Obligatory reminder that an alternative exists by Lunix+Nutcase · · Score: 1

      Because it doesn't need it.

    8. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 0

      PolarSSL is dual licensed, and commercial developers have to pay for it. OpenSSL is free (as in free beer). I don't care what PolarSSL costs; not having to engage my company's procurement group to buy something means that OpenSSL wins every time.

      Also, PolarSSL is owned by ARM now. Whatever goodness it may have had in the past will be gone soon. :-(

    9. Re:Obligatory reminder that an alternative exists by devman · · Score: 3, Insightful

      SSL/TLS has nothing to do with what certificates the client and server trust. You can bootstrap a TLS stream using a pre-shared key if you want, or with DANE, or with explicitly selected certificates. The fact that most clients use CAs for trust anchors is not a failure of SSL/TLS.

    10. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 0

      So roll your own CA?

    11. Re:Obligatory reminder that an alternative exists by TechyImmigrant · · Score: 1

      And they got swallowed up by ARM, so don't count on cross platform compatibility.

      With any security software, just because it runs, it doesn't mean it works.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    12. Re:Obligatory reminder that an alternative exists by meatspray · · Score: 1

      It's back to the future, future year, WTH isn't every communication secure? It's not a problem with overhead anymore.

    13. Re:Obligatory reminder that an alternative exists by Opportunist · · Score: 1

      A site where I'm supposed to get the core of my security from? If this doesn't need some way to ensure that I really connect with it instead of an intercepting mitm that injects its own version, what does?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    14. Re:Obligatory reminder that an alternative exists by Lunix+Nutcase · · Score: 1

      The download link is an external FTP server. So, no, you aren't supposed to download anything from that site.

    15. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 0

      SSL doesn't ensure that you aren't subject to a MITM attack. The way you know you are downloading the proper version is that all the packages are signed by the OpenSSL team's private key which you then use signify to verify. You are frankly a moron.

    16. Re:Obligatory reminder that an alternative exists by Desler · · Score: 2

      If this doesn't need some way to ensure that I really connect with it instead of an intercepting mitm that injects its own version, what does?

      In what universe do you live in that SSL prevents a MITM attack? MITM attacks exist in order to allow an attacker to monitor and modify your supposedly "secure" connections. You ensure that what you downloaded is what you meant to download by using the signify utility as mentioned on the page and verify that the package you download was signed by the OpenSSL devs.

    17. Re:Obligatory reminder that an alternative exists by Desler · · Score: 2

      And to head off the obvious rejoinder, yes, their private key can be compromised to allow an attacker to sign malicious packages. But if that is a genuine concern, why would you possibly trust the security of the SSL connection to their site?

    18. Re:Obligatory reminder that an alternative exists by fnj · · Score: 1

      In what universe do you live ... You ensure that what you downloaded is what you meant to download by using the signify utility as mentioned on the page and verify that the package you download was signed by the OpenSSL devs.

      LibreSSL files signed using OpenSSL's private key? In what universe do YOU live?

    19. Re:Obligatory reminder that an alternative exists by Billly+Gates · · Score: 1

      Wow, it supports Windows and OpenVMS?

    20. Re:Obligatory reminder that an alternative exists by Desler · · Score: 1

      OpenBSD is what I obviously meant.

    21. Re:Obligatory reminder that an alternative exists by thegarbz · · Score: 1

      Two reasons:
      a) Not everything needs to be secure. Some things definitely. More things than we have now certainly. But not everything.
      b) Things break. For example virtual hosting breaks. You can only properly do SSL over virtual hosting if you have an SSL certificate covering all virtual hosts, and those are not free or cheap. Proxying and Caching has issues too. Yes you can do something and there are workarounds, but currently the security arsenal we have is not suitable for the wide variety of applications that exist across the internet.

    22. Re:Obligatory reminder that an alternative exists by armanox · · Score: 1

      Windows yes. I haven't seen anyone submit patches for OpenVMS, and I don't have an OpenVMS system to even try on. It does, however, support OS X, Net and Free BSD, HP-UX, and Solaris. I used to have it working for AIX and IRIX, but changes in the 2.1.x release have broken them for now, and I'm not sure that I'll ever get IRIX working again.

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    23. Re:Obligatory reminder that an alternative exists by Antique+Geekmeister · · Score: 4, Informative

      You _can_ do so, but the hardcoded reliance on the master signature authorities in nearly every popular software tool makes such efforts problematic. It's exceedingly difficult to _excise_ these master keys, or to display them as "not trusted due to federal key access", without breaking many tools.

    24. Re:Obligatory reminder that an alternative exists by Anonymous Coward · · Score: 1

      No matter what the security problem, it's always the random numbers, or lack thereof that is the problem.

      (checks apt-get before making a fool of himself) ... Why the hell hasn't somebody made libRNG?

      p.s. Seriously, how hard could it be to split out the RNG code of openssl or libressl and make it the gold standard? Yeah, I know it's generally unproductive to ask such rhetorical questions. Yes, I'm a coder that could do it (never looked at openssl code, but I'm sure I've dealt with worse, so I know it's possible), but I have no desire to become the owner of such a project, so I won't even bother to look at the effort required. Nor will you, probably. I have plenty of other things occupying my time. Maybe in another 20 years, if I'm retired by then...

    25. Re:Obligatory reminder that an alternative exists by Aethedor · · Score: 1

      Can you tell me more about that random number problem?

      --
      It doesn't have to be like this. All we need to do is make sure we keep talking.
    26. Re:Obligatory reminder that an alternative exists by Keruo · · Score: 1

      Why the hell hasn't somebody made libRNG?

      .. no desire to become the owner of such a project..

      You do realize that you answered your own question right there?

      --
      There are no atheists when recovering from tape backup.
    27. Re:Obligatory reminder that an alternative exists by Carewolf · · Score: 1

      No matter what the security problem, it's always the random numbers, or lack thereof that is the problem.

      (checks apt-get before making a fool of himself) ... Why the hell hasn't somebody made libRNG?

      p.s. Seriously, how hard could it be to split out the RNG code of openssl or libressl and make it the gold standard? Yeah, I know it's generally unproductive to ask such rhetorical questions. Yes, I'm a coder that could do it (never looked at openssl code, but I'm sure I've dealt with worse, so I know it's possible), but I have no desire to become the owner of such a project, so I won't even bother to look at the effort required. Nor will you, probably. I have plenty of other things occupying my time. Maybe in another 20 years, if I'm retired by then...

      Because on a unix system you just read from /dev/random anyway. Random seeds are an operating system responsibility; you cannot make good random numbers without a little good random seed.

    28. Re:Obligatory reminder that an alternative exists by DamonHD · · Score: 1

      That's at least three sorts of nonsense:

      https://www.fourmilab.ch/hotbi...

      https://www.random.org/

      http://random.hd.org/

      The OS has no magic either, or are you saying that it's random seeds all the way down?

      Rgds

      Damon

      --
      http://m.earth.org.uk/
    29. Re:Obligatory reminder that an alternative exists by devman · · Score: 1

      They are not hardcoded. You can remove all the default trust anchors if you want to, then add only certs that you feel you can trust. Deciding who to trust is not part of SSL/TLS.

    30. Re:Obligatory reminder that an alternative exists by TechyImmigrant · · Score: 1

      Yes, when I get back in the office and get the details. In hand wavey terms, 0 entropy in specific VMs on specific headless servers, because it trusts the kernel to get it right.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    31. Re:Obligatory reminder that an alternative exists by Aethedor · · Score: 1

      I've done some statistics analysis on the output of PolarSSL's random generator. Looks good to me. Some while ago, they improved the random generator (now using AES). How long ago did you have problems with PolarSSL's random generator? If it was a long time ago, perhaps look at its current generator. Maybe your issue has been solved.

      --
      It doesn't have to be like this. All we need to do is make sure we keep talking.
    32. Re:Obligatory reminder that an alternative exists by Antique+Geekmeister · · Score: 1

      Hard coded may be too strong. They're certainly the mandated defaults at installation time. Extracting them is a laborious and painful manual process, likely to be overwritten by the very next security update in most packages with most installers. Disabling them disables hosts of automated tools which rely on ordinary HTTPS, and there are certainly core software repositories which rely extensively on ordinary root authorities to verify their SSL signatures. These include Github, bitbucket, sourceforge, and many commercial sites. And they are certainly hardcoded in the sense of "these are the signature authorities used by most vendors".

    33. Re:Obligatory reminder that an alternative exists by Platinumrat · · Score: 1

      And in Back to the Future, wasn't Marty's communications with Snake monitored by his Corporate Overload?

    34. Re:Obligatory reminder that an alternative exists by TechyImmigrant · · Score: 1

      The issue is the source of entropy, not the post processing.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
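
The failure mode discussed in the comments above (a library trusting the kernel for its seed on a headless VM whose pool has no entropy yet) can be guarded against on Linux by asking the kernel without blocking and refusing to continue when it reports that it is not seeded. This is an added example, not code from the thread, PolarSSL or OpenSSL; the function names are hypothetical and Linux with glibc 2.25 or later is assumed.

```c
#include <errno.h>
#include <poll.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Hypothetical status codes for this example. */
enum seed_status { SEED_OK = 0, SEED_NOT_READY = 1, SEED_ERROR = 2 };

/*
 * Fill buf with len bytes from the kernel CSPRNG. GRND_NONBLOCK makes
 * getrandom() fail with EAGAIN while the pool is still uninitialised
 * (early boot, fresh VM) instead of blocking; we report that state to
 * the caller rather than falling back to a weaker source.
 */
enum seed_status seed_fail_closed(unsigned char *buf, size_t len)
{
    size_t got = 0;

    while (got < len) {
        ssize_t n = getrandom(buf + got, len - got, GRND_NONBLOCK);
        if (n > 0) {
            got += (size_t)n;          /* partial reads are legal */
            continue;
        }
        if (n < 0 && errno == EINTR)
            continue;                  /* interrupted by a signal: retry */
        if (n < 0 && errno == EAGAIN)
            return SEED_NOT_READY;     /* pool not yet seeded */
        return SEED_ERROR;             /* ENOSYS, EFAULT, unexpected 0, ... */
    }
    return SEED_OK;
}

/*
 * Bounded wait for the pool to become ready: up to `attempts` tries,
 * delay_ms apart. poll() with no descriptors is used as a millisecond
 * sleep. The caller must treat anything other than SEED_OK as fatal.
 */
enum seed_status seed_with_retry(unsigned char *buf, size_t len,
                                 int attempts, int delay_ms)
{
    enum seed_status st = SEED_NOT_READY;

    for (int i = 0; i < attempts && st == SEED_NOT_READY; i++) {
        if (i > 0)
            poll(NULL, 0, delay_ms);
        st = seed_fail_closed(buf, len);
    }
    return st;
}

/*
 * Diagnostic only: the kernel's own entropy estimate in bits, or -1 if
 * it cannot be read. Useful in logs when a host reports SEED_NOT_READY.
 */
long entropy_avail(void)
{
    long bits = -1;
    FILE *f = fopen("/proc/sys/kernel/random/entropy_avail", "r");

    if (f == NULL)
        return -1;
    if (fscanf(f, "%ld", &bits) != 1)
        bits = -1;
    fclose(f);
    return bits;
}

int main(void)
{
    unsigned char seed[32];
    enum seed_status st = seed_with_retry(seed, sizeof seed, 5, 200);

    printf("kernel entropy_avail: %ld bits\n", entropy_avail());
    if (st != SEED_OK) {
        fprintf(stderr, "kernel RNG not ready (status %d); "
                        "refusing to generate keys\n", (int)st);
        return 1;
    }
    /* A real program would hand `seed` to its DRBG here. */
    memset(seed, 0, sizeof seed);
    puts("seed obtained from an initialised kernel pool");
    return 0;
}
```
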
    35. Re:Obligatory reminder that an alternative exists by Carewolf · · Score: 1

      That's at least three sorts of nonsense:

      https://www.fourmilab.ch/hotbi...

      https://www.random.org/

      http://random.hd.org/

      The OS has no magic either, or are you saying that it's random seeds all the way down?

      Rgds

      Damon

      Yes. There is for one thing dedicated random number hardware and there is hardware that can produce partially random data, such as network cards and radios, but the latter are only really good when combined with each other and with a random number tracker, which is something the OS can do.

    36. Re:Obligatory reminder that an alternative exists by DamonHD · · Score: 1

      If you look at my code for example at random.hd.org then you'll notice that it's something that user space can do just as well. The kernel has no magic other than direct access to a few more noisy things.

      Rgds

      Damon

      --
      http://m.earth.org.uk/
  4. Crucial features by Anonymous Coward · · Score: 0

    How much of FIPS/NIST aka NSA stuff was removed?

  5. features by Anonymous Coward · · Score: 0

    > Major new features in this release

    Wait...no Space Invaders? :-/

  6. Major new feature that's missing by QuietLagoon · · Score: 1

    "we fixed it"

    1. Re:Major new feature that's missing by unixisc · · Score: 1

      This is what I was wondering. That major bug in OpenSSL that caused security issues in applications using it - which caused LibreSSL to be created in the first place - has that been fixed?

  7. Re:Do you really trust the OpenSSL Corporation? by Anonymous Coward · · Score: 0

    No. They are not.

    Do you think the absence of documentation is due only to laziness?

  8. Re:Do you really trust the OpenSSL Corporation? by Anonymous Coward · · Score: 5, Insightful

    Do you think the absence of documentation is due only to laziness?

    Yes. "Never attribute to malice that which can be explained by incompetence." Not every fuckup is a conspiracy.

    I don't know any programmers who like writing documentation. Start with that, and add that the OpenSSL code is complicated and poorly written, and it's no wonder the documentation is lacking.

  9. OpenSSL and the Internet by Anonymous Coward · · Score: 2, Insightful

    It's an affront to common sense that the Internet's security largely relies on this wretched library, with its utterly dismal coding standards, its hideously, and unnecessarily, baroque and complex API, and its pathetic documentation.

    1. Re:OpenSSL and the Internet by Opportunist · · Score: 0

      It's an affront to common sense to put security as an afterthought on top of another protocol instead of making it an intrinsic part of the protocol. But that's what you get when you use ancient technology (and yes, TCP is ancient by computer standards) and simply refuse to accept that it is necessary to invest into it.

      But security does not sell. Only now people finally start to slowly catch on and realize that there might be a reason for security. They still don't know jack about it. They only know they "kinda wanna be protected". And that's what HTTPS and OpenSSL offers. It looks secure, Joe Randomsurfer doesn't understand jack and the whole security community will certainly not stand up and admit that it's all ... well, we can't really say it's insecure but ... well, I wouldn't bet my job on it either.

      The problem with the whole shit is that it is very, very hard to prove without a doubt that something is insecure when it's not blatantly so. And OpenSSL is not blatantly insecure. It doesn't have the gaping "dude, that's fucked up" holes. When you look through the past year, from Heartbleed to POODLE, you'll notice that ... ok, Heartbleed was a blunder and a half, but POODLE is by no means something you will instantly understand without quite a bit of understanding of the whole security process behind it and even then it may take a while to wrap your head around it.

      We're heading into the area of chances and probabilities. And I do predict that we'll see a lot more of this, attacks where it's not clean cut and "easy" to end up with a way to break security, but we will find that systems we thought to need 10^DAMN_LOT tries to brute force only need 10^VERY_LITTLE, because of flaws in the implementation or even the algorithm itself, where it becomes known that most of the "possible" keys were in fact impossible.

      That's what I'd expect from the next few years. And I kinda fear that we will find out more than we'd want to know.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:OpenSSL and the Internet by Electricity+Likes+Me · · Score: 2

      This is stupid.

      If there's one lesson in the history of computing, it's that every type of possible side-channel leaks information like crazy if not properly controlled. So in what world does it make sense to mix up your application or transport protocol with your security protocol? The examples you give have nothing to do with the underlying transport protocols, or overlaying application protocols that have been in use.

    3. Re:OpenSSL and the Internet by DamonHD · · Score: 1

      +1

      The security should work independently of details of the underlying medium and without relying on its exact implementation. A byte stream (observed or not) is just that. Likewise an unreliable packet stream.

      This is what we have abstraction for.

      Rgds

      Damon

      --
      http://m.earth.org.uk/
    4. Re:OpenSSL and the Internet by reikae · · Score: 1

      It makes sense that a library that exists (duh, but was anything else available in 1998?), is free of charge, and does its job will become widely used. Has a technically superior future alternative ever taken over something that was available when needed? Makes me think of IPv6, but I'm not sure the comparison works.

  10. Re:Do you really trust the OpenSSL Corporation? by caseih · · Score: 3, Insightful

    Sorry but that's all just pure baseless speculation on your part and fear mongering. The NSA can snoop SSL traffic regardless of ssl library simply by doing a man in the middle attack. And you'd never know it either, since they would be using a recognized root certificate. So I don't see what this issue has to do with openssl. And If they can brute force sniff SSL, I don't see how other ssl libraries are much safer.

    Several of the OpenSSL developers have commented here on slashdot and expressed chagrin combined with determination to fix the problems which years ago were not considered problems--they were bad but accepted solutions for the portability problem. But times have changed, and openssl is changing too. As others have said it's still the most portable, and it is a good choice, and I do trust it. I think their response to heartbleed was admirable. They acknowledged and fixed the problem promptly.

  11. Re: Hey Dice you dumb fucks by joaommp · · Score: 2

    If a browser crashes because of a site, it's the browser's developers fault.

  12. New version by Anonymous Coward · · Score: 0

    Yippppeeeee for the new version!

  13. Wasn't the NSA behind the CURVE algorithm?? by Billly+Gates · · Score: 1

    The Ellipse has been broken and is a major security risk

    1. Re:Wasn't the NSA behind the CURVE algorithm?? by Anonymous Coward · · Score: 0

      No, NSA was not behind elliptic curve

      http://en.wikipedia.org/wiki/E...

      The use of elliptic curves in cryptography was suggested independently by Neal Koblitz[1] and Victor S. Miller[2] in 1985. Elliptic curve cryptography algorithms entered wide use in 2004 to 2005.

      Neal I. Koblitz (born December 24, 1948[1]) is a Professor of Mathematics at the University of Washington in the Department of Mathematics. He is also an adjunct professor with the Centre for Applied Cryptographic Research at the University of Waterloo. He is the creator of hyperelliptic curve cryptography and the independent co-creator of elliptic curve cryptography.

      Victor Saul Miller (born 3 March 1947 in Brooklyn, New York, US) is an American mathematician at the Center for Communications Research (CCR) of the Institute for Defense Analyses in Princeton, New Jersey, US. He received his A.B. in mathematics from Columbia University in 1968, and his Ph.D. in mathematics from Harvard University in 1975. ... His main areas of interest are in Computational Number Theory, Combinatorics, Data Compression and Cryptography. He is one of the co-inventors of Elliptic Curve Cryptography.[1] He is also one of the co-inventors, with Mark Wegman, of the LZW data compression algorithm, and various extensions,[2] one of which is used in the V.42bis international modem standard.[3] He received an IEEE Millennium medal for this invention. He is also the inventor of Miller's Algorithm[4][5] which is of fundamental use in pairing-based cryptography. He is also one of the co-inventors of the Lagarias-Miller-Odlyzko prime counting algorithm.[6]

      So, either put up, or shut up with your FUD. Thank you.

    2. Re:Wasn't the NSA behind the CURVE algorithm?? by Anonymous Coward · · Score: 0

      The NSA has chosen the points of the published curves without disclosing their reasoning. GP is correct in that you have to trust the NSA if you use standard ECC algorithms, because the process in which they were developed was not open. However, not all elliptic curve crypto suffers from this issue. For example, Curve25519 developed by Daniel J. Bernstein is one of the few really open implementations that we "know" are secure.

      Don't use the NIST curves. They're likely broken by the NSA. Use one of the open curves.

  14. Re:Hey Dice you dumb fucks by jones_supa · · Score: 1

    My recommendation would be to submit a Chrome bug report.

  15. New RNG by Anonymous Coward · · Score: 0

    The last sentence of the summary looks like they're showcasing a new random number generator ;)

  16. A different perspective by Elessar · · Score: 2

    First off, full disclosure... I am a member of the OpenSSL development team.

    I've read a lot of anti-OpenSSL comments here along with some fairly amusing conspiracy theories! Some criticism is fair but much is not in my view.

    OpenSSL is a very different project to what it was a year ago. This time last year the development team was very small (6 people...not all of whom were active coders, most of whom were doing it in their spare time). Supporting the project was (and still is) a thankless task, and they did their best - but frankly the resources were not there to do the job properly. There is now a whole new team, built upon the original, running the project. We have gone from 6 people to 15 and brought on board a number of full timers. I know most of that team personally, and I can tell you that you couldn't hope to find a more dedicated and experienced team. There is a strong sense of responsibility, along with lots of plans in place for how to make things better.

    A lot is said about the problems with OpenSSL. Let me tell you about some of its strengths. The library will run on practically anything from desktops, to high end servers, to embedded devices, to mainframes, to mobile phones. It is highly optimised and is *fast*. We are lucky enough to have Andy Polyakov on the team who brings an exceptional talent in performing those optimisations. Due to its position in the market place OpenSSL is probably the most studied security software product out there. That study has intensified since Heartbleed. During the last year there have been a number of security issues identified and fixed as a result of that intensified study. This is a *good* news story.

    I am really excited about what the future holds for the project. We are busy working on 1.1.0, which brings with it a focus on reducing complexity. Improved documentation (which I've seen mentioned a number of times on this page) is also on our roadmap. I'm not complacent...I know there is a lot still to do...but I have a huge amount of confidence in the team that is now in place.

    1. Re:A different perspective by davydagger · · Score: 1

      Obnoxious feature request: throw in support for Twofish, and try and get the TLS standards body to add Twofish as a supported protocol next version. Just two cents.

    2. Re:A different perspective by Anonymous Coward · · Score: 0

      I would use OpenSSL more often if it wasn't for the license compatibility problem with GPL. I understand that this is hard to fix though. Keep up the great work.

    3. Re:A different perspective by Anonymous Coward · · Score: 0

      Yes, I don't think you can convince every developer using the GPL to upgrade to an MIT/BSD license.

    4. Re:A different perspective by Anonymous Coward · · Score: 0

      :-)

    5. Re:A different perspective by unixisc · · Score: 1

      Thank you. Did you fix the problems that were a major issue which was brought out last time, and which brought about LibreSSL?

  17. Re: Hey Dice you dumb fucks by Zontar+The+Mindless · · Score: 1

    If a browser crashes because of a site, it's the browser developers' fault.

    You must have been deprived of Last Measure as a child.

    --
    There is no Planet B.
  18. Re: Hey Dice you dumb fucks by joaommp · · Score: 1

    Happily.

  19. Re:Hey Dice you dumb fucks by Anonymous Coward · · Score: 0

    WFM. What's the problem here?

  20. nss, gnutls, libreopenssl - rundown? by emil · · Score: 1

    Can someone provide a rundown on the advantages and drawbacks of these libraries, with a particular focus on network-facing applications?

  21. Re:Do you really trust the OpenSSL Corporation? by Anonymous Coward · · Score: 0

    Sufficiently advanced incompetence is indistinguishable from malice.

  22. No new features, please. by Anonymous Coward · · Score: 0

    The last thing openssl needs is "major new features." Clean up the bugs and source code. Get things in order before creating yet more features.