[OTR-users] OTR and OpenSSL Heartbleed vulnerability?
Bernard Tyers - ei8fdb
ei8fdb at ei8fdb.org
Wed Apr 16 17:29:57 EDT 2014
On 16 Apr 2014, at 22:20, Alex <alex323 at gmail.com> wrote:
> If your IM client used openssl to establish connections to (say)
> SSL-enabled XMPP servers, your OTR keys in theory could be leaked
> because the keys exist in the IM-client's memory, and that's what the
> Heartbleed bug is able to dump.
You’ve answered one of my questions I just sent in my last mail.
Thanks
Bernard
--------------------------------------
Bernard / bluboxthief / ei8fdb
If you’d like to get in touch, please do: http://me.ei8fdb.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20140416/de07247c/attachment.pgp>
More information about the OTR-users
mailing list