Hacker News new | ask | show | jobs
by some_furry 1226 days ago
Right. In a lot of cases "this implements RSA" and "this wasn't written by Thomas Pornin" is enough to suspect a timing channel. Writing a proof of concept for one is at least an order of magnitude more challenging; at least in my experience. (I am way better at mitigation than exploit development.)
1 comments
tptacek 1226 days ago
Everybody is!
link
some_furry 1226 days ago
Good to know! (I thought maybe this was just my own biases or weaknesses showing. I've been trying to work on it this year when I have time.)
link