As some of you may know one of my hobbies is to review open
source software for security issues. About a year ago I reviewed
the RSA implementation of Crypto[1]: a native D library which,
according to dub statistics, is fairly popular.
Issues were found and after discussion with the author I d
On 1/7/20 9:19, Cym13 wrote:
As some of you may know one of my hobbies is to review open source
software for security issues. About a year ago I reviewed the RSA
implementation of Crypto[1]: a native D library which, according to dub
statistics, is fairly popular.
Issues were found and after
On Wednesday, 1 July 2020 at 07:49:27 UTC, Arafel wrote:
As somebody who also was somewhat involved in infosec and
cryptography in a previous life, I found your article really
interesting. So, first of all, thanks for taking the time to do
the review and for publishing the results!
I see that
On Mon, 2020-06-29 at 20:41 +, Paulo Pinto via Digitalmars-d-announce
wrote:
[…]
>
> Rust has only standardized part of the async/await story, the
> asynchronous
> runtime is not part of the standard library, so currently it is
> impossible to write code that works flawlessly across the
> e
On Mon, 2020-06-29 at 15:44 +, Patrick Schluter via Digitalmars-d-announce
wrote:
>
[…]
> And that is completely wrong headed. Internet is not always
> directly accessible. There are a lot of companies that restrict
> access to the Internet for their security sensible servers,
>
[…]
> No,
On Wednesday, 1 July 2020 at 07:19:11 UTC, Cym13 wrote:
Here's what you should know if you are a user:
RSA, as implemented in the library, is still very much broken.
I do not recommend using it. The confidentiality and integrity
of all messages exchanged using this library must be
questionned
On Wednesday, 1 July 2020 at 10:59:13 UTC, Dukc wrote:
On Wednesday, 1 July 2020 at 07:19:11 UTC, Cym13 wrote:
Here's what you should know if you are a user:
RSA, as implemented in the library, is still very much broken.
I do not recommend using it. The confidentiality and integrity
of all me
On 7/1/20 3:19 AM, Cym13 wrote:
As some of you may know one of my hobbies is to review open source
software for security issues. About a year ago I reviewed the RSA
implementation of Crypto[1]: a native D library which, according to dub
statistics, is fairly popular.
Issues were found and aft
Am Fri, 26 Jun 2020 08:36:06 + schrieb Mike Parker:
> I suspect they track HTTP referrers and red flag multiple hits to the
> same link from the same referrer. However they do it, I would expect
> linking directly to search results is something they account for.
Can't we just set Referrer-Pol