From: "Trei, Peter" <[EMAIL PROTECTED]>
[Moderator's note: FYI: no "pragma" is needed. This is what C's
"volatile" keyword is for. Unfortunately, not everyone writing in C
knows the language. --Perry]
Thanks for the reminder about "volatile." It is an ancient and valuable
feature of C and I su
--
On 7 Nov 2002 at 16:36, Trei, Peter wrote:
> The 'volatile' keyword seems to have poorly defined
> behaviour.
"Volatile" memory typically both receives input from outside
the abstract machine, and generates output outside the abstract
machine. Indeed the expected reason to write to vola
From: "Trei, Peter" <[EMAIL PROTECTED]>
[Moderator's note: FYI: no "pragma" is needed. This is what C's
"volatile" keyword is for. Unfortunately, not everyone writing in C
knows the language. --Perry]
Thanks for the reminder about "volatile." It is an ancient and valuable
feature of C and I su
Kevin Elliott wrote:
> The point is though, that according to C99 today
>
> volatile int myflag;
> myflag=0;
> if (myflag!=0) { do stuff } ;
>
> does _exactly_ what you want, per the spec. The only compilers that
> don't work this way are by definition out of spec, so adding new
> stuff isn't goin
> At 03:55 PM 11/7/02 +0100, Steven M. Bellovin wrote:
> >Regardless of whether one uses "volatile" or a pragma, the basic point
> >remains: cryptographic application writers have to be aware of what a
> >clever compiler can do, so that they know to take countermeasures.
>
> Wouldn't a crypto c
> James A. Donald[SMTP:[EMAIL PROTECTED]] wrote:
>
>
> Reading the Wifi report,
> http://www.weca.net/OpenSection/pdf/Wi-
> Fi_Protected_Access_Overview.pdf
> it seems their customers stampeded them and demanded that the
> security hole be fixed, fixed a damned lot sooner than they
> intended to
> --
> From: Dave Howe[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, November 07, 2002 3:46 PM
> To: Email List: Cypherpunks
> Subject: Re: Did you *really* zeroize that key?
>
> David Honig wrote:
> > I was thinking more in terms of arrays
> >
> > memset( arr, 0, sizeo
David Honig wrote:
> I was thinking more in terms of arrays
>
> memset( arr, 0, sizeof(arr)) // zero
> unsigned int v=1;
> for (int i=0; i< arr_size; i++) v += arr[i]; // check
> if ( v>0 && v<2 ) // test
> sanity();
> else
> insanity();
>
> But I suppose that if compilers can be arbitrarily 'cleve
At 19:30 + on 11/7/02, David Howe wrote:
at Thursday, November 07, 2002 6:13 PM, David Honig <[EMAIL PROTECTED]>
was seen to say:
Wouldn't a crypto coder be using paranoid-programming
skills, like *checking* that the memory is actually zeroed?
That is one of the workarounds yes - but of
On Wed, 6 Nov 2002, James A. Donald wrote:
> --
> Reading the Wifi report,
> http://www.weca.net/OpenSection/pdf/Wi-
> Fi_Protected_Access_Overview.pdf
> it seems their customers stampeded them and demanded that the
> security hole be fixed, fixed a damned lot sooner than they
> intended to fi
at Thursday, November 07, 2002 6:13 PM, David Honig <[EMAIL PROTECTED]>
was seen to say:
> Wouldn't a crypto coder be using paranoid-programming
> skills, like *checking* that the memory is actually zeroed?
That is one of the workarounds yes - but of course a (theoretical)
clever compiler could rea
Hello Jason:
>"Page 193 and 210 do talk about having an identifying
>value encoded in the credentials which the holder can
>prove is or isn't the same as in other credentials. However,
>the discussion on page 193 is with respect to building
>digital pseudonyms"
No, not at all. The paragraph o
In message <[EMAIL PROTECTED]>, Peter Gutmann writes
:
>>[Moderator's note: FYI: no "pragma" is needed. This is what C's "volatile"
>> keyword is for.
>
>No it isn't. This was done to death on vuln-dev, see the list archives for
>the discussion.
>
>[Moderator's note: I'd be curious to hear a summ
At 05:46 AM 11/7/02 -0800, Sarad AV wrote:
>hi,
>
>Wi fi customers are more paranoid than comparingly
>ordinary web users who are not so concerened of their
>security.
That's just plain silly. Its like saying a cellphone user is more
paranoid than a landline user. It was entirely convenience,
wi
At 09:20 AM 11/07/2002 -0800, our local weapon of mass destruction forwarded:
Sharon Shea-Keneally, principal of Mount Anthony Union High School in
Bennington, Vermont, was shocked when she received a
letter in May from military recruiters demanding a list of all her
students, including names,
At 03:55 PM 11/7/02 +0100, Steven M. Bellovin wrote:
>Regardless of whether one uses "volatile" or a pragma, the basic point
>remains: cryptographic application writers have to be aware of what a
>clever compiler can do, so that they know to take countermeasures.
Wouldn't a crypto coder be usin
While this clarification may be true, the government should realize that the
unconstitutional 'deep secret' library searches of the PATRIOT act render such rumors
as credible, causing their actions to be treated with deep suspicion even when the
actions may be legitimate. [We saw this in the UFO
>[Moderator's note: FYI: no "pragma" is needed. This is what C's "volatile"
> keyword is for.
No it isn't. This was done to death on vuln-dev, see the list archives for
the discussion.
Peter.
hi,
Wi fi customers are more paranoid than comparingly
ordinary web users who are not so concerened of their
security.
If we make a product,it should sell or the least a
large number of people should use it(personal
satisfaction),so it sells better with 'Wi Fi '
customers.
Regards Sarath.
--- "J
--
Reading the Wifi report,
http://www.weca.net/OpenSection/pdf/Wi-
Fi_Protected_Access_Overview.pdf
it seems their customers stampeded them and demanded that the
security hole be fixed, fixed a damned lot sooner than they
intended to fix it.
I am struck the contrast between the seemingly str
20 matches
Mail list logo