On Tuesday, 9 September 2014 at 13:05:34 UTC, matovitch wrote:
I am by no mean a security expert and this article scared me *a
lot*. Are there any truly secure TLS implementation ?
There may be room for an @crypto attribute where the stack, the
registers or the dynamically allocated memory would be zeroed
out in the end ? But as stated in the comments, it's probably
more of an OS job since a program may always crash.
I'd say, it's easier to steal the entire key sitting in your heap
(as heartbleed did it) than gather obscure traces from registers.
