Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment No more! (Score 4, Interesting) 69

Every software developer, please stop using OpenSSL. It was crap then, it is crap now and it will be crap tomorrow. And LibreSSL is not the solution. You can't turn crap into something nice. You want a decent SSL library, try mbed TLS. Unlike OpenSSL, this library has good documentation (example programs included), has a logical and sane API (no ugly callback shit) and its code is clean and secure.

I switched from OpenSSL to mbed TLS (named PolarSSL back then) in my open source project some time ago. I should have done it more early! The migration was easy and only cost me a few days. So, stop punishing yourself and give mbed TLS a try. You won't regret it!!

No, I'm in no way connected to mbed TLS. Just a happy mbed TLS user who doesn't understand why people keep on torturing themselves and their users.

Comment Re:Do one thing, and do it well. (Score 1) 107

In that case, you better try mbed TLS (former PolarSSL). Has been tested and audited more times than this untested new comer. And it has full support for everything that is needed. mbed TLS makes every new attempt to implement an SSL / TLS library obsolete immediately.

Comment mbed TLS (Score 1) 95

I can advice every software developer to take a look at mbed TLS (former PolarSSL). It has everything a modern SSL-enabled application needs. It's API is easier that OpenSSL's, it has very good documentation (example programs included) and last but not least: it's secure!

No, I'm not the mbed TLS developer or in any way connected or related to mbed TLS. I'm just a very happy developer who replaced OpenSSL with mbed TLS in my project many years ago and never had any reason to look back. Even the users of my project are very happy with it. Good riddance!!

"We learn from history that we learn nothing from history." -- George Bernard Shaw