[Cryptography] Heartbleed and fundamental crypto programming practices

[Dave Horsfall]

On Tue, 15 Apr 2014, danimoth wrote:

> If I understood correctly, all crypto software should be compiled with 
> -O0 flag...

I've never trusted optimisers; in essence you are asking an unknown party 
to rewrite your critical code for you with no oversight, and hopefully get 
it right.

-- Dave, bitten by many an optimiser