A few days ago, Alexander Klink and Julian Walde showed how a flaw in implementation of hash tables in some programming languages can be used to launch DoS against some web servers. According to their paper [1], Java is also vulnerable.
I don't know how much Clojure relies on Java (HashMap etc.) in its own datastructures, therefore I don't know if it may also be vulnerable, but wanted to bring this to the attention of those who know... See also the page of their talk [2] and twitter account dedicated to hashDos attack [3]. [1] http://www.nruns.com/_downloads/advisory28122011.pdf [2] http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html [3] http://twitter.com/hashDoS -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
