Search the Community

Want to know what the OpenBSD Foundation is doing with OpenSSL's code? Then you should read this blog. It's more suited for those who are able to read and understand C code. Skimming just the first page looks like the code is really in a bad condition - there are 39 pages so far (as of 15.07.2014). It's interesting to see what is being done. The only question is: Is this "list" complete?

In the wake of the Heartbleed Bug, the OpenBSD Foundation has begun a fork of the OpenSSL source code. Enter LibreSSL. In one week they have removed 90,000 lines of C code and 150,000 lines of content that they say was old or unused. For those not familiar with OpenBSD, they are a non-profit and are security centric in the coding of their software. Part of their culture is to frequently perform group audits of their code. PF, or Packet Filter, was originally designed by them and is the underlying engine of pfSense, which I trust to keep me secure. They are implementing the first release of LibreSSL into OpenBSD 5.6 and then working on porting it to other OS's I personally am excited about this. I think this has good potential for future releases of OpenVPN and ultimately our uses with VPN. This perhaps might be a good canidate for AirVPN's No-Profit Community innitiative. If it meets the standards for it, i will gladly submit a post for it. Further reading: http://www.libressl.org/ http://www.openbsdfoundation.org/ http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/