mikeash.com: just this guy, you know?

"A failure in the hot air department"
RSS feed (full text feed) - Show Tag Cloud
Showing entries tagged "heartbleed". Full blog index.

by Mike AshTags: fridayqna memory heartbleed
The Heartbleed vulnerability made a big splash a couple of months ago, and rightly so. It could be described as a "memory leak", but it's not the standard kind where a program fails to free allocated memory. Instead, it allowed an attacker to dump memory contents from a remote program nearly at will, potentially leaking private keys, passwords, source code, and other data intended to stay secret. This got me thinking about ways to protect sensitive data against similar attacks. The result is MAParanoidAllocator, and in this article I'll discuss the implementation.
Hosted at DigitalOcean.