[liberationtech] Recommend consultant to discuss pen test?
Tom O
winterfilth at gmail.com
Thu Sep 5 22:03:32 PDT 2013
Posting a news article without context or response from Veracode is weak.
Chris Wysopal stated the static crypto checks were run to check if the
API's were implemented correctly, not implementation of custom keygen.
On Friday, September 6, 2013, Maxim Kammerer wrote:
> On Thu, Sep 5, 2013 at 4:48 AM, Tom O <winterfilth at gmail.com<javascript:;>>
> wrote:
> > Veracode will gladly pwn you.
>
>
> https://blog.crypto.cat/2013/02/cryptocat-passes-security-audit-with-flying-colors/
> http://tobtu.com/decryptocat-old.php
>
> --
> Maxim Kammerer
> Liberté Linux: http://dee.su/liberte
> --
> Liberationtech is a public list whose archives are searchable on Google.
> Violations of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu <javascript:;>.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130906/bb37399f/attachment.html>
More information about the liberationtech
mailing list