[OTR-users] OTR and OpenSSL Heartbleed vulnerability?
Timo Buhrmester
fstd.lkml at gmail.com
Wed Apr 16 17:49:47 EDT 2014
> Is it likely that this seperation of cryptographic processes is needed for forseeable security issues? Asked another way (he says with his tongue in his cheek) is an exploit like this Heartbleed likely to occur again?
No, (he answers with his tongue in his cheek), heartbleed was the last bug. We're safe now.
(FWIW, I don't think the `engineering cost' involved is /that/ high. It's basically IPC (authenticated by whatever means)
Timo
More information about the OTR-users
mailing list