> On Jan 28, 2022, at 11:53 AM, Laura Smith <n5d9xq3ti233xiyif2vp@protonmail.ch> wrote:
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>
>> On Friday, January 28th, 2022 at 14:43, dansk puffer <danskpuffer@outlook.com> wrote:
>>
>> Are there any major security differences between libressl and openssl nowadays? From what I read the situation for openssl improved and some Linux distros switched back to openssl again with mostly? OpenBSD remaining to use libressl.
>
> For me at least, my main beef with Libressl is that it has seemingly mostly achieved its security posture by removing functions.
>
> Unfortunatley the functions removed are not obscure ones, but more common ones such as, IIRC, various very useful certificate and PKCS11 related functions.
>
Not to be rude, but you obviously don't know anything about how code security works.
The less code surface area that attackers have to play with, the safer you are. It is mathematically proven.
Now, removing code that had known quality and cultural SDLC issues that prevent the code from being secure, yes, I'm absolutely for removing that crap from the face of the earth.
If nobody else joins us, who gives a shit.
No comments:
Post a Comment