[langsec-discuss] so what does langsec have to say about heartbleed?

travis+ml-langsec at subspacefield.org travis+ml-langsec at subspacefield.org
Tue Apr 8 23:24:34 UTC 2014


http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html

So I'm wondering, apart from using buffer-safe languages (which is
obviously the Right Thing), is there something like taint-checking
that we could do in programming languages to prevent this sort of
thing?
-- 
http://www.subspacefield.org/~travis/
Remediating... like a BOSS.




-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140408/c1715a3a/attachment.pgp>


More information about the langsec-discuss mailing list