Boss: I’ll ask Wally to write this software. I haven’t seen him since he took that agile programming class.
Source: Wally And Agile Programming – Dilbert Comic Strip on 2016-07-30 | Dilbert by Scott Adams
Archive for December, 2016
Wally And Agile Programming – Dilbert Comic Strip on 2016-07-30 | Dilbert by Scott Adams
Posted by jpluimers on 2016/12/31
Posted in Fun, Quotes, T-Shirt quotes | Leave a Comment »
Everything Is Broken — The Message — Medium
Posted by jpluimers on 2016/12/31
Nice end-of-the-year reading:
Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and…
Source: Everything Is Broken — The Message — Medium
–jeroen
Share this:
Posted in Opinions | Leave a Comment »
The curse of vulnerable OpenSSL DLLs
Posted by jpluimers on 2016/12/30
When you ship OpenSSL DLLs, you should provide an update mechanism outside of your regular product cycle that updates these shortly after vulnerabilities are fixed.
Few if any products do that. So I made an overview from products and OpenSSL DLL versions I had installed on various systems.
I’m a developer, so the list is biased towards tools I use often.
All of them are vulnerable: [WayBack] https://www.openssl.org/news/vulnerabilities.html
- 1.0.2.h by ContinuaCI 1.8.1.185 PostgreSQL and Avast 12.3
- 1.0.2.g by SourceTree 1.9.x embedded git_local
- 1.0.2d by Git for Windows 2.6.1
- 1.0.2a by SQLite browser 3.7.0
- 1.0.1m by Delphi 10.0 Seattle
- 1.0.1l by Ruby 2.3
- 1.0.1f by SlikSvn 1.8.5
- 1.0.1g by Delphi XE8, Delphi XE7, VMware Workstation OVF tool and Adobe Creative Cloud 2.8.1
- 1.0.0g by Delphi XE6, Delphi XE5, Delphi XE4, Delphi XE3, Appmethod 1.13 and CollabNet SVN Client 1.7.5
- 1.00d by MarkdownPad 2
- 1.0.0 by FinalBuider 7 XE2 and FinalBuilder 7 EE
- 0.9.8za by VMware Remote Console Plug-in 5.1 and VMware Virtual Infrastructure Client 5.1
- 0.9.8y by VMware VIX Workstation 10
- 0.9.8t by Veaam Backup and Replication
- 0.9.8r by ContinuaCI 1.8.1.185 hg support, VMware VIX and VMware Workstation 8.0.2
- 0.9.8q by Veeam Backup Transport, Veaam Backup, xampp 1.7.4 and Replication and VMware Virtual Infrastructure Client 5.0
- 0.9.8o by xampp 1.7.4
- 0.9.8l by xampp 1.7.4
- 0.9.8n by Delphi XE2, Delphi XE and VMware VIX Workstation 7.1.0
- 0.9.8m by VMware VMRC Plug-in, VMware VIX and VMware Workstation 8.0.2
- 0.9.8i by VMware Virtual Infrastructure Client 4.1
- 0.9.8d by Database Workbench Pro 4.4.3, Database Workbench Pro 5.2.4 and VMware vSphere CLI Perl
- 0.9.8b by Adobe Creative Suite 5
- 0.9.7m by VMware VIX server 1.0.9
- 0.9.7l by VMware VIX VIServer 2
- N/A by Adobe Create Suite 5 and VMware VIX server 1
–jeroen
via: [WayBack] Does Delphi installer install OpenSSL dll’s?
PS: Below some Software Archeology related links in the comments.
Share this:
Posted in .NET, CollabNet, Delphi, Development, DVCS - Distributed Version Control, git, OpenSSL, Power User, Ruby, Security, Software Development, Source Code Management, SourceTree, Subversion/SVN | 7 Comments »
Getting A or better grading on SSL Labs HTTPS tests
Posted by jpluimers on 2016/12/30
Now that everyone has had enough time to get proper TLS certificates using for instance LetsEncrypt, it’s time to up the ante: score better than an A on the SSL Labs tests from either their main site or dev site:
Here are some links to get there:
- HOWTO: A+ with all 100%’s on SSL Labs test using apache2.4 (READ WARNINGS) – Server – Let’s Encrypt Community Support
- Getting an A+ on Qualy’s SSL Labs Tester
- How to achieve an A+ rating? | Qualys Community
- HTTP Strict Transport Security – Wikipedia, the free encyclopedia
- Turn it up to 100: A+ on Qualys SSL Labs Test | Litespeed.io
- SSL Server Test: kelunik.com (Powered by Qualys SSL Labs)
- Apache 2.4 SSL config for A+ on SSLLabs.com
–jeroen
Share this:
Posted in *nix, Apache2, Communications Development, Development, Encryption, Internet protocol suite, Let's Encrypt (letsencrypt/certbot), Power User, Security, TCP, TLS | Leave a Comment »
DNSSEC – Domainumzug mit Hindernissen / Blog / Privat – Lutz Donnerhacke
Posted by jpluimers on 2016/12/30
For my Link Archive: DNSSEC, Domainumzug mit Hindernissen / Blog / Privat – Lutz Donnerhacke.
–jeroen
via: Wenn man #DNSSEC mal richtig machen will, geht es komplett schief.
Share this:
Posted in Power User | Leave a Comment »
The Wiert Corner - irregular stream of stuff 