@bascule There was a Bleichenbacher attack on JSSE that Oracle patched in January I believe? https://www.usenix.org/sites/default/files/conference/protected-files/sec14_slides_meyer.pdf …
-
-
-
@reaperhulk I stand corrected! Is this BERserk or something different? -
@bascule Not BERserk; it relied on an implementation bug that caused an OutOfBoundsException instead of handshake failure to distinguish. -
@reaperhulk aah, yeah I thought BERserk was a month old or so
End of conversation
New conversation -
-
-
@bascule erh, no http://armoredbarista.blogspot.de/2014/04/easter-hack-even-more-critical-bugs-in.html … this is kinda interesting because sidechannels may be more problematic in non-c-languages -
@hanno you can have sidechannel resistance in other languages besides C. Absence of GC and easy access to ASM both help
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@bascule what planet am I onThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.