On Sun, Oct 28, 2012 at 3:01 PM, Solar Designer <[email protected]> wrote:
> [SNIP]
> Frankly, I do find this specific approach questionable, but the
> rationale is there, and the compiler optimization problem that this
> weird approach is trying to solve is real.

Just made the news: "In an analysis of the TOR source code, software developer Andrey Karpov found that the anonymisation software uses a function called memset() to delete cache data, which is not supported by all compilers. In some cases, that can cause the TOR client to leave confidential data like passwords in the system memory when it is closed." http://www.h-online.com/security/news/item/Security-issue-discovered-in-TOR-client-Update-1746884.html.

GCC really should provide a function like SecureZeroMemory that cannot be optimized away. It's easier than educating every developer about the optimization issue and telling them to compile with -O0. The Ostrich Algorithm at its finest.

Jeff
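
The dead-store problem discussed in this thread, as an added example that is not part of the original message and not code from Tor or GCC: a plain `memset` on a buffer that is never read again may be dropped by the optimizer, while the two wipe helpers use workarounds that compilers in practice do not elide. `check_passphrase`, the helper names and the sample secret are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Wipe 1: store through a volatile-qualified lvalue. Compilers in practice
 * keep such stores even when the buffer is never read again. */
static void wipe_volatile(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Wipe 2: call memset through a volatile function pointer, so the compiler
 * cannot assume the callee is the memset builtin it knows how to remove. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

static void wipe_indirect(void *p, size_t n) { memset_ptr(p, 0, n); }

/* Constructed stand-in for code that holds a secret in a local buffer. */
static int check_passphrase(const char *input, int hardened)
{
    char secret[32];
    int ok;

    /* Constructed sample secret; real code would read or derive it. */
    snprintf(secret, sizeof secret, "%s", "constructed-sample-secret");
    ok = (strcmp(input, secret) == 0);
    if (hardened)
        wipe_volatile(secret, sizeof secret);
    else
        memset(secret, 0, sizeof secret); /* dead store: may be removed at -O2 */
    return ok;
}

/* Count bytes that are still non-zero, for checking a buffer after a wipe. */
static size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t c = 0;
    while (n--)
        c += (*p++ != 0);
    return c;
}

int main(void)
{
    printf("match=%d\n", check_passphrase("constructed-sample-secret", 1));
    return 0;
}
```

Comparing the `-O2` assembly of the two branches in `check_passphrase` shows whether a given compiler keeps the plain `memset`; where the platform offers `explicit_bzero` or C11 Annex K `memset_s`, those serve the same purpose.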
