David Benjamin
David Benjamin
@t8m are you referring to the various mitigations/workarounds for the provider system? Those seem unrelated to this PR, which is about a performance regression in file I/O caused by 8300a8742b2abc487594a09b5e6ee726dbd30771....
While not an exact match, valgrind's rules for uninitialized memory are very close to the constant-time computational model. For BoringSSL, we've found it very valuable for flagging non-constant-time code. It...
Sure. Just tell valgrind that the secret data is "uninitialized". Then when you intentionally branch on or otherwise reveal data that is now public, you need to mark it "initialized"...
And, indeed, if you have random data in a savegame, UQM just blows up.
No, I think it'll need to be ported to GLES. Also unclear if whatever SDL/OpenGL glue is needed exists.
Apparently SDL/OpenGL in naclports exists now?
Okay, no that's not enough to trigger it.
Multiple sign-on would be cool. Though we may need to think about what UI we want in the end and possibly adjust the cross-origin API accordingly. My understanding is that...
I bet we can drop this now... maybe with a prompt for the odd cruft who still has no AES keys on their principal.
Had to revert this. :-(