Ben Laurie wrote: In OpenSSL we overwrite with random gunk for this reason. What? No compiler is smart enough to say, The program sets these variables but they are never referenced again. I'll save time and not set them. -
And of course, the article didn't get it right. Because of optimizing compilers, it is *not* trivial to zero passwords. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
It's time to start wearing t-shirts bearing the image of a banned banknote. (To circumvent counterfeiting laws, wear the banknote of a foreign country). Imagine the frustration of the police when they can't photocopy your picture.