Broken Debian Openssl

It’s been a day since news emerged of the long-term issue with the Debian packaged openssl. As demonstrated by the feedback to Ben Laurie’s Blog entry, this is a very high profile issue with plenty of opposing points of view. Hardly surprising, considering the impact it has on the security of the OS. There is… Continue reading Broken Debian Openssl

Published
Categorized as Security

Who do I trust?

I recently read an excellent article by Ben Laurie that proposes methods that evil companies like Phorm could use to intercept SSL communications. This got me thinking about whom I actually trust when I’m using the Web. Most people install an Operating System and simply trust whatever Certificate Authorities it happens to come with. A… Continue reading Who do I trust?

Published
Categorized as Security

Examining X509 Certificates

I have to look up these commands far too often! Issuer openssl x509 -noout -in cert.pem -issuer Common Name openssl x509 -noout -in cert.pem -subject Validity Dates openssl x509 -noout -in cert.pem -dates Hash Value openssl x509 -noout -in cert.pem -hash SHA1 fingerprint openssl x509 -noout -in cert.pem -fingerprint MD5 fingerprint openssl x509 -md5 -noout… Continue reading Examining X509 Certificates

Windows Update

I just visited Microsoft’s Windows Update facility for the first time in a while. My one and only Windows PC has been acting up a bit and at such times I like to begin the diagnosis by updating everything. On this occasion there was only one Critical Update and that was to Windows Genuine Advantage.… Continue reading Windows Update

Published
Categorized as Security