Your periodic reminder that Erlang distribution protocol is cool, but it is not cool to expose it to the internet: erlef.org/blog/security/epmd…

Our Working Groups had worked hard this year! 👏 🔍Take a look at some great initiatives of the Security WG: - They have published its “Web Application Security Best Practices for BEAM languages”: erlef.github.io/security-wg/… - They have sponsored an EEF stipend to develop and certify an OpenID Connect client library, along with supporting libraries for integration with Cowboy, Plug and Phoenix. For next year, they would like to: expand Web App Best Practices document to other BEAM-based web frameworks; help push forward other educational resources; improve security tooling for BEAM languages and renew efforts to provide solid SBoM (software bill-of-materials) tooling support for BEAM projects. There is a lot to be done and they are always looking for contributors! More info about this WG: erlef.org/wg/security #WeBeamTogether #Erlang #MyElixiStatus

To those unfamiliar, the Security Working Group of the @TheErlef does a fantastic work documenting the best security practices of both Erlang and Elixir, web and non-web: erlef.github.io/security-wg/ 👏👏👏 #MyElixirStatus

🚨 Attention, Community! 🚨 The EEF's Security Working Group has just released a new document detailing best practices for secure development of web applications using BEAM languages. Don't miss it! shorturl.at/hwEQ5 #Erlang #MyElixirStatus

Excited to be speaking at #GOTOaar 2023! I'll be exploring the security benefits and potential of concurrency oriented functional languages such as #erlang and #elixir. Get 10% off your conference pass with my code: bram10. See you there!

I released a Hex package for verification of AWS RDS server certificates. More info in this post: elixirforum.com/t/aws-rds-ca…

Client-Side Enforcement of LiveView Security - a classical web app vulnerability making a comeback? blog.voltone.net/post/31

Episode 134: We get a glimpse into @TheErlef’s Security Working Group with @voltonez. We learn about existing resources and get hints of the future. Bram shares some cool security tips and insights as well! #Erlang #ElixirLang @ElixirLang @erlang_org podcast.thinkingelixir.com/1…

Finally another Elixir meetup happening in NL! meetu.ps/e/LvtwX/9Dn6d/i featuring @voltonez and @peerstr ! #myelixirstatus

If anyone here is interested in joining the @TheErlef Security WG call at 3pm GMT tomorrow (Wednesday), DM me for the Zoom link. More info in the group’s channel over on EEF Slack

The latest Nerves systems (released Aug 11th) have this fix. It's getting close to Sep 30th, so don't delay upgrading if this affects you.

Episode 64: @voltonez explains how an expiring Internet root certificate can break Elixir and Erlang systems at the end of September! We learn what this does and does not affect, the update options, and more on the "root" cause. #ElixirLang @ElixirLang thinkingelixir.com/podcast-e…

Update on the #erlang #elixirlang impact of DST Root CA X3 expiry next month blog.voltone.net/post/30: patches by @erlang_org and good news for Hackney users

Erlang/OTP 24.0.4 and 23.3.4.5 are out, with improved support for cross-signed certificates. I will try to write a follow-up to blog.voltone.net/post/29 soon, on getting ready for DST Root CA X3 expiration Sep 30th