[Cryptography] Heartbleed and fundamental crypto programming practices
Dave Horsfall
dave at horsfall.org
Wed Apr 16 02:10:49 EDT 2014
On Tue, 15 Apr 2014, danimoth wrote:
> If I understood correctly, all crypto software should be compiled with
> -O0 flag...
I've never trusted optimisers; in essence you are asking an unknown party
to rewrite your critical code for you with no oversight, and hopefully get
it right.
-- Dave, bitten by many an optimiser
More information about the cryptography
mailing list