User: Password:
|
|
Subscribe / Log in / New account

Schneier: NSA Targets Privacy Conscious for Surveillance

Schneier: NSA Targets Privacy Conscious for Surveillance

Posted Jul 4, 2014 11:03 UTC (Fri) by roblucid (subscriber, #48964)
In reply to: Schneier: NSA Targets Privacy Conscious for Surveillance by fandingo
Parent article: Schneier: NSA Targets Privacy Conscious for Surveillance

I'm not sure that's a good idea, given what IS KNOWN about OpenSSL code quality. One system compromised uncessarily would be one too many, for many who didn't volunteer to obfuscate traffic using more complicated code paths for what is essentially broadcast plain text information.

This year, we've had invalid certificates being accepted, malloc bugs and other famous signs of poorly crafted and tested implmentation, so it's a hard sell to use OpenSSL uncessarily.


(Log in to post comments)

Schneier: NSA Targets Privacy Conscious for Surveillance

Posted Jul 4, 2014 14:31 UTC (Fri) by drag (guest, #31333) [Link]

I don't use OpenSSL for HTTPS on my servers. I stopped using it a long time ago, before the 'heart bleed' saga.

Also neither of the browsers I use (Chrome or Firefox) use OpenSSL either.

So, yay.


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds