The recent incidents with the Heartbleed OpenSSL vulnerability, along with the strange turn of events involving TrueCrypt shine a light on a big issue for security practitioners.
Google has announced another OpenSSL fork. Dubbed BoringSSL, it will, in time, replace the OpenSSL library in various Google's projects.
Even though a number of people have expressed interest in continuing the development of TrueCrypt, the future of these projects is questionable as one of the TrueCrypt developers feels that "forking" the software would not be a good idea.
In this podcast, wireless security researcher Michael Ossmann shares his insights on what to use - and how - to duplicate hardware devices found in the ANT catalog.
Another critical bug in an open source SSL/TLS (and DTLS) cryptographic library has been discovered and patched last week.