42 min
64: OTP Certificate Woes with Bram Verburg Thinking Elixir Podcast
-
- Så gör man
We talk with Bram Verburg about an important root certificate expiring at the end of September and how this impacts your Elixir and Erlang projects! Bram helps explain where this IS and IS NOT a problem. He also explains the different update options available. We also get Bram’s security perspectives from his years of focused study and contributions in the Elixir and Erlang communities. A great resource for understanding the current certificate situation and for protecting your Elixir projects!
Show Notes online - http://podcast.thinkingelixir.com/64
Elixir Community News
https://github.com/elixir-nx/explorer – New Elixir-Nx project called Explorer released
Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
https://twitter.com/cigrainger/status/1433934973682139139 – Twitter announcement of Explorer
https://github.com/hauleth/mix_unused – mix_unused is a compiler tracer for detecting unused public functions.
https://hexdocs.pm/prom_ex/readme.html – PromEx sees a new 1.4.x release
https://github.com/erlang/rebar3/releases/tag/3.17.0 – Rebar had a new release 3.17.0
https://github.com/woylie/ecto_nested_changeset – Ecto Nested Changeset project
https://github.com/elixir-ecto/ecto/pull/3731 – Discussion that lead to pulling out as a separate library
Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com
Discussion Resources
https://blog.voltone.net/post/29 – Initial post describing the problem
https://blog.voltone.net/post/30 – Updates and mitigation recommendations
https://www.youtube.com/watch?v=0jzcPnsE4nQ – Learn you some 'ssl' for much security! - ElixirConfEU 2019
https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets
https://blog.voltone.net/post/27 – CVE-2020-35733 discovered in December
https://blog.voltone.net/post/28
https://www.youtube.com/watch?v=r0DuAse9tK8
https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/
OTP 24.0.4 and later is good
OTP 23.3.4.6 and later is good
https://github.com/dlesl/erqwest
https://hex.pm/packages/mint
https://xkcd.com/927/ – The referenced XKCD comic
https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/
https://github.com/elixir-mint/mint/pull/328
https://blog.voltone.net/post/28
https://blog.voltone.net/post/27
https://en.wikipedia.org/wiki/Heartbleed
https://istio.io/
https://hex.pm/packages/hackney
https://hex.pm/packages/finch
https://blog.voltone.net/
Guest Information
https://twitter.com/voltonez – on Twitter
https://github.com/voltone/ – on Github
https://blog.voltone.net/ – Blog
Find us online
Message the show - @ThinkingElixir
Email the show - show@thinkingelixir.com
Mark Ericksen - @brainlid
David Bernheisel - @bernheisel
Cade Ward - @cadebward
We talk with Bram Verburg about an important root certificate expiring at the end of September and how this impacts your Elixir and Erlang projects! Bram helps explain where this IS and IS NOT a problem. He also explains the different update options available. We also get Bram’s security perspectives from his years of focused study and contributions in the Elixir and Erlang communities. A great resource for understanding the current certificate situation and for protecting your Elixir projects!
Show Notes online - http://podcast.thinkingelixir.com/64
Elixir Community News
https://github.com/elixir-nx/explorer – New Elixir-Nx project called Explorer released
Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
https://twitter.com/cigrainger/status/1433934973682139139 – Twitter announcement of Explorer
https://github.com/hauleth/mix_unused – mix_unused is a compiler tracer for detecting unused public functions.
https://hexdocs.pm/prom_ex/readme.html – PromEx sees a new 1.4.x release
https://github.com/erlang/rebar3/releases/tag/3.17.0 – Rebar had a new release 3.17.0
https://github.com/woylie/ecto_nested_changeset – Ecto Nested Changeset project
https://github.com/elixir-ecto/ecto/pull/3731 – Discussion that lead to pulling out as a separate library
Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com
Discussion Resources
https://blog.voltone.net/post/29 – Initial post describing the problem
https://blog.voltone.net/post/30 – Updates and mitigation recommendations
https://www.youtube.com/watch?v=0jzcPnsE4nQ – Learn you some 'ssl' for much security! - ElixirConfEU 2019
https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets
https://blog.voltone.net/post/27 – CVE-2020-35733 discovered in December
https://blog.voltone.net/post/28
https://www.youtube.com/watch?v=r0DuAse9tK8
https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/
OTP 24.0.4 and later is good
OTP 23.3.4.6 and later is good
https://github.com/dlesl/erqwest
https://hex.pm/packages/mint
https://xkcd.com/927/ – The referenced XKCD comic
https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/
https://github.com/elixir-mint/mint/pull/328
https://blog.voltone.net/post/28
https://blog.voltone.net/post/27
https://en.wikipedia.org/wiki/Heartbleed
https://istio.io/
https://hex.pm/packages/hackney
https://hex.pm/packages/finch
https://blog.voltone.net/
Guest Information
https://twitter.com/voltonez – on Twitter
https://github.com/voltone/ – on Github
https://blog.voltone.net/ – Blog
Find us online
Message the show - @ThinkingElixir
Email the show - show@thinkingelixir.com
Mark Ericksen - @brainlid
David Bernheisel - @bernheisel
Cade Ward - @cadebward
42 min