@cR0w too many.

• Jist like there are way too many applications suceptible to the #CryptoAPI #backdoor of #Windows.

http://github.com/kkarhan/windows-ca-backdoor-fix

So far testing by @ct_Magazin / @heiseonline (and myseof later on) revealed only few #Apps not vulnerable to this specifics #Govware:

• #Firefox (uses @Mozilla / @mozilla_support / #Mozilla #NSS & has it's own #SSL certificate storage)
• @thunderbird (Mozilla NSS)
• @torproject / #TorBrowser (Mozilla NSS; custom certificates)
• #curl (uses @bagder #WolfSSL and manages it's own certs)

Anything else that uses the CryptoAPI is, espechally *all #Chromium-Forks (aka. All Browsers except Firefox, Tor Browser, #dillo, #LynxBrowser…)

Long, but great read from #HAProxy on the state of #TLS libraries. Includes some scathing remarks about the #OpenSSL project.

“The development team has degraded their project’s quality, failed to address ongoing issues, and consistently dismissed widespread community requests for even minor improvements.”

“This unfortunate situation considerably hurts QUIC protocol adoption. It even makes it difficult to develop or build test tools to monitor a QUIC server.”

“When some of the project members considered a 32% performance regression ‘pretty near’ the original performance, it signaled to our development team that any meaningful improvement was unlikely.”

“In blunt terms: running OpenSSL 3.0.2 as shipped with Ubuntu 22.04 results in 1/100 of #WolfSSL’s performance on identical hardware! To put this into perspective, you would have to deploy 100 times the number of machines to handle the same traffic, solely because of the underlying SSL library.”

https://infosec.exchange/@0xabad1dea/114466046966536049

“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”

#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks

I'll be speaking at CYSAT Conference in Paris next month!

Let me know if you are going! Stop by and say hi. I'll be at the #wolfSSL booth, too.

Frontgrade Gaisler and wolfSSL Collaborate to Enhance Cybersecurity in Space Applications

https://fed.brid.gy/r/https://spacenews.com/frontgrade-gaisler-and-wolfssl-collaborate-to-enhance-cybersecurity-in-space-applications/

At this year's #FOSDEM my team at #wolfSSL got no booth space so my large volume #curl sticker distribution (LVCSD) has to be done using other means.

The LVCSD will most likely happen in the cafeteria area, but feel free to ping me if you can't get your fix as planned.

I will bring thousands of curl stickers and hundreds of coasters. There will be a few mugs and maybe some tshirts.

Buying myself friends, like a boss.