From the blog
October 2, 2016
Systemd maintainer David Strauss has published a response to my blog post about systemd. The first part of his post is replete with ad hominem fallacies, strawmen, and factual errors. Ironically, in the same breath that he attacks me for not understanding the issues around threads and umasks, he betrays an ignorance of how the very project which he works on uses threads and umasks. This doesn't deserve a response beyond what I've called out on Twitter.
In the second part of his blog post, Strauss argues that systemd improves security by making it easy to apply hardening ...
|September 2016||How to Crash Systemd in One Tweet|
|February 2016||Domain Validation Vulnerability in Symantec Certificate Authority|
|December 2015||Duplicate Signature Key Selection Attack in Let's Encrypt|
|October 2015||I Don't Accept the Risk of SHA-1|
|August 2015||Hardening OpenVPN for DEF CON|