**hannes** @hannesm@mastodon.social · Aug 22, 2024, 08:14

**hannes** @hannesm@mastodon.social · Aug 22, 2024, 08:14

hannes @hannesm@mastodon.social

Aug 22, 2024, 08:14

Amazing! @reynir wrote an article about his discoveries of two CVE in OpenVPN while re-implementing the same protocol -- TL;DR: it's worth to spend time and money on re-developing network & security protocols. Read it at https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html

#openvpn #MirageOS #NGI #ngi_assure #OCaml #security

**greg** @greg@infosec.exchange · Aug 22, 2024, 20:54

**greg** @greg@infosec.exchange · Aug 22, 2024, 20:54

Aug 22, 2024, 20:54

greg @greg@infosec.exchange

@hannesm @reynir nice stuff! Both bugs are cool, but the second one particularly so. It nicely highlights how small "oddities" can actually turn into issues.

**Life is Tetris** @tetrislife@qoto.org · 2024-08-23T03:49:59Z

Life is Tetris @tetrislife@qoto.org

@greg @hannesm @reynir I didn't read it, but isn't this the sort of thing TLA+ modelling is supposed to help with? I remember a blog post by @talex5 about modelling a Xen protocol that way.

Aug 23, 2024, 03:49 · · Tusky · · ·

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…