Hacker News Viewer

The most dangerous code: Validating SSL certs in non-browser software (2012) [pdf]

by ripe on 1/27/2026, 6:45:56 PM

https://www.cs.cornell.edu/~shmat/shmat_ccs12.pdf

Comments

by: philipwhiuk

[2012]

The situation has improved somewhat, although some of the underlying libraries have changed little so it's still easy to write insecure TLS.

cURL's API was improved in 7.66.0 for example: https://github.com/curl/curl/pull/4241

But the Java APIs are likely little changed.

1/27/2026, 7:11:15 PM