[Cryptography] It's GnuTLS's turn: "Critical new bug in crypto library leaves Linux, apps open to drive-by attacks"
Salz, Rich
rsalz at akamai.com
Wed Jun 4 09:54:04 EDT 2014
Ø Perhaps someone should start a IndieGogo or Kickstarter to properly audit OpenSSH, GnuTLS, openSSL, or something a little more important and used than TrueCrypt?
The Linux Foundatoin Core Infrastructure Intiative [1] has funded two full-time OpenSSL developers and will be funding Open Crypto Audit Project to do a security audit of OpenSSL [2].
[1] http://www.linuxfoundation.org/programs/core-infrastructure-initiative
[2] http://www.linuxfoundation.org/news-media/announcements/2014/05/core-infrastructure-initiative-announces-new-backers
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rsalz at jabber.me<mailto:rsalz at jabber.me>; Twitter: RichSalz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140604/16b902c0/attachment.html>
More information about the cryptography
mailing list