Debian Jessie compiling PHP with OCI8 & PDO OCI

First we need to grab the Instant Client from Oracle.
The Basic and Devel RPM packages are enough.

Before we install PHP we need to install prerequisites.

sudo apt-get install gcc libbz2-dev libpng12-dev libc-client2007e-dev libmcrypt-dev libxml2-dev libcurl4-openssl-dev libxslt1-dev libaio1 apache2-dev alien

Convert the RPM packages to Debian packages with alien.

sudo alien -d oracle-instantclient12.1-basic-12.1.0.2.0-1.x86_64.rpm
sudo alien -d oracle-instantclient12.1-devel-12.1.0.2.0-1.x86_64.rpm

Install the Instant Client packages we just converted.

sudo dpkg -i oracle-instantclient12.1-basic_12.1.0.2.0-2_amd64.deb
sudo dpkg -i oracle-instantclient12.1-devel_12.1.0.2.0-2_amd64.deb

Download the latest PHP source from php.net, for example:

wget http://php.net/distributions/php-5.6.19.tar.bz2

tar -jxvf php-5.6.19.tar.bz2

cd php-5.6.19

Export the paths to the environment:

export PATH=/usr/lib/oracle/12.1/client64/bin:$PATH
export ORACLE_HOME=/usr/lib/oracle/12.1/client64/
export C_INCLUDE_PATH=/usr/include/oracle/12.1/client64/

Now we run configure to generate the makefiles:

./configure --with-oci8 --with-pdo-oci --with-apxs2=/usr/bin/apxs2 --with-kerberos --with-mysql --with-pdo-mysql --with-bz2 --with-curl --with-gd --with-imap --with-imap-ssl --enable-mbstring --with-mcrypt --with-openssl --enable-zip --with-zlib --disable-phar

(If you need phar, delete the last option.)

Make and install:

make
sudo make install

DROWN or not to DROWN

DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. DROWN is another downgrade attack on SSL, this time over SSLv2.
SSL has a long history of downgrade attacks like Lucky13, CRIME, BEAST and POODLE. Currently 33% of internet servers use SSLv2. With DROWN, an attacker can decrypt connections to a server that has SSLv2 enabled.

Papers and Vulnerability Testing Here

Encrypted Database provider zeroDB goes open source

ZeroDB is an end-to-end encrypted database. Data can be stored on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.

ZeroDB sources are published on GitHub.

ZeroDB-server sources

Information about ZeroDB technology

Amazon introduces alternate TLS implementation s2n

Amazon Web Services introduced s2n, an open source implementation of the TLS protocol. s2n is a library designed to be small and fast, with simplicity as a priority. It avoids implementing rarely used options and extensions, and today is just over 6,000 lines of code. As a result, Amazon's developers expect s2n to be easier to review; they have already completed three external security evaluations and penetration tests on s2n, a practice they will be continuing.

Link

Repo