Hi guys,
Just a thought - do we explicitly wipe password strings from RAM after using
them?
I just read an article (by MS in fact) that illustrates a cute problem.
Imagine you memset the password to zeros after using it. There is a good
chance that the compiler will simply remove the memset from the object code
as it will seem like it can be optimised away...
Just wondering...
Chris
