Blogging Techstacks

A new HOWTO article detailing changes one needs to make in order to compile SSLv2 and TLSv1.2 client support into an Ubuntu 13.04 installation running OpenSSL 1.0.1c has been posted to the Techstacks HOW TO site: How To Enable SSLv2 and TLSv1.2 in OpenSSL 1.0.1c on Ubuntu 13.04. 

I recently discovered that getting reliable results running cryptonark scans on an Ubuntu 13.04 box running OpenSSL 1.0.1c and Net::SSLeay 1.54 required quite a bit of manual intervention on my part but it did result in a couple of additional How To posts. The first of these posts have been published over on the Techstacks How To site: How To Enable SSLv2 Methods in Net::SSLeay.

I posted Grade Encryption Ciphers in Java 6 on the How To site the other day and after posting it, I couldn't help but hope that something in it was incorrect. Let me know what you think but with the current state that SSL and TLS are in, things are pretty depressing. While writing it, I kept remembering a point Ivan Ristic had made over on the SSLLabs blog a few weeks ago in the post RC4 in TLS is broken: Now what?/p>

...for public web sites that need to support a wide user base, there is practically nothing 100% secure they can use to replace RC4. We now have no choice but to accept that, no matter what settings we use, some segment of the user base will be at risk.