Coding Practice [was Re: Serious OpenSSL vulnerability]

[Tim]

On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote:
> millions and millions of affected users who had to go ahead and change
> passwords for many many things they rely on

One thing I haven't seen mentioned, here nor elsewhere, was whether the
bug could only affect you if they tried to hack the server while you
were using it.  Or if it was possible to extra useful data well after
you had been and gone.  Since it's talking about reading data beyond
what's expected, I suspect it may be that you were vulnerable even
sometime after your session, if the server hadn't re-used the memory for
something else, yet.

-- 
tim at localhost ~]$ uname -rsvp

Linux 3.11.10-301.fc20.i686 #1 SMP Thu Dec 5 14:21:31 UTC 2013 i686

All mail to my mailbox is automatically deleted, there is no point trying
to privately email me, I will only read messages posted to the public lists.

That Gnome 3 shite is really pissing me off.