The CRIME attack has been in the news recently, and some of our users have been asking about it. The short version of responding to the attack is simple: disable TLS compression. In wolfSSL, compression is disabled by default. The Tor project has posted an excellent explanation of the attack in their blog. For more […]
Read MoreMore TagMonth: September 2012
Avoid BEAST attack when using CyaSSL lightweight SSL implementation
Hi! To our users concerned about the following security advisory: http://www.securelist.com/en/advisories/50605 (as of 26 March 2018 at 9:28am MDT, this link no longer works and has no alternative), it is a vulnerability related specifically to SSL 3.0 and TLS 1.0. When using CyaSSL, you can avoid this vulnerability using one of several methods, including: 1. Using […]
Read MoreMore TagwolfSSL is Now Available in the MacPorts Project
If you are a user of the popular MacPorts project on OS X, you may be happy to hear that the wolfSSL embedded SSL library is now available as a MacPorts package. If you are not familiar with the MacPorts Project, a brief summary from their website does an excellent job of explaining the project. […]
Read MoreMore Tag