Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Tech and Talk » OS and Software » All Things Unix » Heads Up: Debian OpenSSL RNG Vuln CVE-2008-0166
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Forum FAQ ·Attitude Adjustment ·Linux docs ·DistroWatch ·OPLM ·FreeBSD Handbook
Gentoo revokes developer rights of 3, Cabal suspected. »
« Which is more stable and reliable UNIX OS?  

deblin
Dark Side of the Moon
Premium,MVM
join:2001-09-01
Middletown, DE

Re: Heads Up: Debian OpenSSL RNG Vuln CVE-2008-0166

Thanks for the info.

Just stumbled upon this. Interesting point, not sure I entirely agree with it. But certainly in this case the author makes a good point.
--
»hillaryis404.org/
permalink · 2008-05-13 10:39:05 · Reply to this

Cabal
Premium
join:2007-01-21
Boston, MA

Re: Heads Up: Debian OpenSSL RNG Vuln CVE-2008-0166

quote:
Usually it is bad to have any kind of dependency on uninitialised memory, but OpenSSL happens to include a rare case when its OK, or even a good idea: its randomness pool. Adding uninitialised memory to it can do no harm and might do some good, which is why we do it.
I know people hate to comment their code, but maybe intentionally using uninitialized memory would be a good opportunity for that sort of thing.
--
Interested in open source engine management for your Subaru?
permalink · 2008-05-13 11:12:03 · Print · Reply to this

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Heads Up: Debian OpenSSL RNG Vuln CVE-2008-0166

said by Cabal See Profile :

I know people hate to comment their code, but maybe intentionally using uninitialized memory would be a good opportunity for that sort of thing.
Funny you should mention that
permalink · 2008-05-13 11:37:16 · Print · Reply to this
Forums » Tech and Talk » OS and Software » All Things UnixGentoo revokes developer rights of 3, Cabal suspected. »
« Which is more stable and reliable UNIX OS?  

Friday, 27-Nov 20:20:08 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [120] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [95] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [70] TiVo Sees Record Customer Losses
· [68] In-Flight Internet Headed For Bumpy Landing?
· [61] Verizon CEO: Hulu Will Be Dead Soon
· [60] Thanksgiving Open Thread
· [38] EFF Wages War On Fine Print
· [38] ICANN Slams DNS Redirection
Most people now reading
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· Leveling to 85 [World of Warcraft]
· 5 hour energy for diabetic [General Questions]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]
· [Newsgroups] Newzleech down? [Filesharing Software]
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]
· Motion Sickness Solutions? [General Questions]
· Speedtest server [TekSavvy]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]