[cryptography] Just how bad is OpenSSL ?

Paul Hoffman paul.hoffman at vpnc.org
Tue Oct 30 12:10:34 EDT 2012


On Oct 30, 2012, at 9:11 AM, Thierry Moreau <thierry.moreau at connotech.com> wrote:

> Then it's just a matter of the shortest route to finish: route a) secure the swap, route b) monitor software components for maximum memory usage vs physical mem plus make a memory exhaustion fault analysis.

Errr, isn't the shortest route c) don't use swap in that system? You are not *forced* to use swap in Linux: I have plenty of Linux instances where it is not turned on.

Noting that it is humorous that people are attributing this to bad OpenSSL, not bad understanding of the places where OpenSSL runs....

--Paul Hoffman




More information about the cryptography mailing list