Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
quotemstr
on July 15, 2014
|
parent
|
context
|
favorite
| on:
LibreSSL's PRNG is Unsafe on Linux
It's hard to blacklist every piece of memory that might be sensitive. It's a much better idea, IMHO, to just put corefiles in a location accessible only to root. That's how Windows, OS X, Ubuntu, Android, and lots of other commercial systems work.
xorcist
on July 15, 2014
[–]
.. which you need to do anyway. The SSL library, and the program linked against it, can fail in a thousand more ways that generate them.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
