The Most Dangerous Code in the World: Non-Browser Software Validating SSL Certs [pdf](www.cs.cornell.edu)
1 pointby ripe4 hours ago1 comment
  • philipwhiuk4 hours ago
    [2012]

    The situation has improved somewhat, although some of the underlying libraries have changed little so it's still easy to write insecure TLS.

    cURL's API was improved in 7.66.0 for example: https://github.com/curl/curl/pull/4241

    But the Java APIs are likely little changed.