1. 09 Mar, 2015 2 commits
  2. 05 Mar, 2015 2 commits
  3. 05 Feb, 2015 1 commit
  4. 31 Jan, 2015 1 commit
  5. 30 Jan, 2015 2 commits
  6. 29 Jan, 2015 3 commits
  7. 28 Jan, 2015 1 commit
  8. 14 Jan, 2015 6 commits
  9. 09 Jan, 2015 3 commits
  10. 08 Jan, 2015 2 commits
  11. 07 Jan, 2015 1 commit
  12. 06 Jan, 2015 5 commits
  13. 05 Jan, 2015 3 commits
  14. 04 Jan, 2015 1 commit
  15. 29 Dec, 2014 2 commits
    • akwizgran's avatar
      Don't try to erase secrets from memory. · 358166bc
      akwizgran authored
      1. The things we're really trying to protect - contact identities,
      message contents, etc - can't be erased from memory because they're
      encapsulated inside objects we don't control.
      
      2. Long-term secrets can't be protected by erasing them from memory
      because they're stored in the database and the database key has to be
      held in memory whenever the app's running.
      
      3. If the runtime uses a compacting garbage collector then we have no
      way to ensure an object is erased from memory.
      
      4. Trying to erase secrets from memory makes the code more complex.
      
      Conclusion: Let's not try to protect secrets from an attacker who can
      read arbitrary memory locations.
      358166bc
    • akwizgran's avatar
      Moved stream crypto to crypto component. · f316d64a
      akwizgran authored
      f316d64a
  16. 26 Dec, 2014 2 commits
  17. 22 Dec, 2014 1 commit
  18. 17 Dec, 2014 1 commit
  19. 14 Dec, 2014 1 commit