On Fri, Apr 11, 2014 at 4:37 PM, Rich Shepard wrote:
> On Fri, 11 Apr 2014, Richard Hector wrote:
>
> > Heartbleed isn't a problem with the encryption though; the encryption
> > didn't get broken. Any protocol could probably potentially suffer from a
> > buffer overflow due to a bug in the softwar
On Fri, 11 Apr 2014, Richard Hector wrote:
> Heartbleed isn't a problem with the encryption though; the encryption
> didn't get broken. Any protocol could probably potentially suffer from a
> buffer overflow due to a bug in the software. Given this one leaked info
> from the server process, who's
On Fri, 11 Apr 2014 19:15:00 +1200
Richard Hector wrote:
> On 11/04/14 09:41, ario wrote:
> > On Thu, 10 Apr 2014 19:04:27 +0200
> > Pongrácz István wrote:
> >
> >> > What if they implemented this "feature" to be able to get
> >> > information without trace? :
> > Then they would have succ
On 11/04/14 09:41, ario wrote:
> On Thu, 10 Apr 2014 19:04:27 +0200
> Pongrácz István wrote:
>
>> > What if they implemented this "feature" to be able to get information
>> > without trace? :
> Then they would have succeeded spectacularly with us thinking "there is
> a bug" in OpenSSL.
>
>
