Blog

Late April throughout late June of 2018 was quite a hot time for the Cossack Labs team as we were actively developing our products, releasing feature after feature for Acra and Themis and also participated, spoken at, and hosted a number of conferences, meetups, and workshops. Want to see what it takes for an R&D team to actively participate in a conference circuit? Read on. 21/04 BSides Kyiv, Ukraine The BSides Kyiv security conference kicked off the series of social events for Cossack Labs in this quarter.

ACRA 0.81.0 RELEASE All the terrible things like lunar and solar eclipses, Mercury retrogrades, and PHP code refactoring will come later — this Friday is fully dedicated to the new release of Acra. In Acra 0.81.0 we’ve concentrated our efforts on improving the overall SQL handling, especially when it comes to SQL injection prevention, and teaching Acra’s “firewall” AcraCensor a few new tricks. If you’ve had troubles integrating some 3rd party WAFs into your infrastructure, Acra now might offer you a simpler, trouble-free solution.

ACRA 0.80.0 RELEASE This release is dedicated to usability and unification. Many components of Acra have been renamed. We believe that the updated names will decrease confusion about the components' functions and will make Acra's setup and usage process easier. The new names also align better with the common package naming practices. We couldn’t find a day inauspicious enough to release Acra 0.80.0, but decided that that last day of spring is still quite special :) Here are the changes in the new release:

Need for Docker image reducing To provide convenient delivery and faster deployment of our tools, just like everybody else − we use Docker. This article describes our experience of using containers for distribution of our product Acra (database encryption suite) and focuses on the method we used to reduce the size of Docker images approximately by 62-64 times. It’s not like we’ve made a revolutionary discovery, but as developers, we found it interesting to trace the steps from the moment of packaging a product into a container to trimming it down to a small Docker image.

ACRA 0.77.0 RELEASE Sticking to our tradition of rolling out new releases on conspicuous dates, we’re presenting Acra 0.77.0 on Friday 13th, Mercury retrograde. The changelog for the new Acra release was 3 pages long, so we’ve decided to spare you the details here (but you can always read the changelog in full in the Cossack Labs GitHub repository if you want to). Here are the main changes in the new release:

This article was published in 2018 about R&D work, which resulted in stable production release of Themis that now uses OpenSSL 1.1.1g If you’re a developer and you’re dealing with cryptography for your app, consider using high-level cryptographic libraries like Themis instead of OpenSSL. No need to struggle with OpenSSL if your goal is to protect users’ data. Moving to OpenSSL 1.1.0 Besides introducing breaking changes through abandoning backward compatibility on x64 systems, the recent version of Themis (Themis 0.

ACRA 0.76 RELEASE The spring and change are in the air! After a year in testing by early adopters (Acra 0.75 was released 1 year 5 days ago), we’re starting to push new features into the open-source version of Acra. 0.76 is a stability release, which unifies a lot of things “under the hood”: module interfaces, test automation, API, connection schemes — everything we need to gradually unveil & plenty of new exciting features we’ve prepared based on the user feedback.

THEMIS 0.10.0 RELEASE We couldn’t hold out till St. Valentine’s Day, so we’re releasing the love and all the hard work put into the new version of Themis today. Themis 0.10.0 is out and there is no turning back as this release introduces breaking changes. If you are using Themis on x64 systems, consider upgrading every Themis library/wrapper you were using to 0.10.0. Incompatibility issues may arise between previous Themis versions and 0.

Stats This was an eventful year for Cossack Labs! According to our GitHub stats, in 2017 we: made 1200 commits into master branches; merged 260 PRs; accumulated 444 new stars. Products and releases We picked a weird, but hopefully auspicious habit of releasing stuff on holidays or 13th days of the month (preferably Fridays :) or Mercury retrograde periods: Acra Acra’s public release took place on the 8th of March.

Season’s greetings and all kinds of good things in the New Year! – With 🔒 from Cossack Labs!