On Tue, May 6, 2014 at 9:45 AM, Cecil Westerhof <cldwester...@gmail.com> wrote: > 2014-05-05 19:48 GMT+02:00 Brian Craft <craft.br...@gmail.com>: >> I would never have guessed modularity as a reason to worry about security >> in fp. >> >> I worry about immutability in fp, wrt security. Security requires >> mutability in order to remove sensitive data from memory, and from app >> history. A FIPS > > Would forced garbage collection not take care of that?
I think the combination of zeroizing destructors, weak references, and forced garbage collection would go a long way. Then you only need to convince the FIPS validator/evaluator/thingie that your garbage collector behaves well so that sensitive data is scrubbed in a timely manner. /M -- Magnus Therning OpenPGP: 0xAB4DFBA4 email: mag...@therning.org jabber: mag...@therning.org twitter: magthe http://therning.org/magnus -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.