RSA-CRT Leak Report for January/February 2016
In January and February 2016, I continued to run RSA-CRT key leak detectors.
RSA-CRT Leak Report for November/December 2015
This article summaries the RSA-CRT leak developments during November and December, 2015.
RSA-CRT Leak Report for September/October 2015
No More Security
On October 1, 2015, I joined the Red Hat tools team, to work full-time on the GNU C library (glibc). I will spend a significant part of my time contributing to upstream development.
Text-only web sites and mobile browsers
Web browsers on mobile devices tend to treat text-only web sites the same way as they treat sites with visual layout. As a result, small changes are required so that a text-only web site renders properly on mobile browsers.
A Type Safety Hole in Unsafe Rust
There seems to be a widespread belief among Rust programmers that bypassing the borrow checker does not completely compromise type safety. This article attempts to show the converse, that lifetime checks are absolutely essential for type safety, even if no dangling pointers are involved.
Experimental Expat binding for Standard ML
After a long leave of absence, I have taken up programming in Standard ML again. A discussion on the MLton development list prompted me to publish my current software toy.
Hunting for bit rot
I examined multiple copies of my personal data for bit rot.
C++ rules for automatic member function generation
I cannot remember the rules according to which C++ automatically generates some class members, so this note serves as a reminder.
Style Guide for Writing Comparisons in Conditions
This posting describes a style for writing conditions in programming languages, and explains how it makes code more robust against certain security problems.