> Well, the operating system clears memory when it is allocated to a new > process, >but that doesn't matter. The residue containing memory sits around until it's >needed. And quite possibly during that time before it is re-allocated it is >subject to disclosure via heartbleed.
Heartbleed is a bug in an application library. It can leak data from the process in which the application is running, e.g. an SSL web server, but not from the rest of the computer. That's plenty bad, of course. R's, John _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
