|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|||
Crypto flaw was so glaring it may be intentional eavesdropping backdoor
From http://arstechnica.com/security/2016...ping-backdoor/
Quote:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
I'm not familiar with the OpenSSL DH implementation but one would assume that such a system should check the provided prime numbers for primality at least with a crude and fast method, maybe this isn't the case?
|
|
|||
So much for the advantage of "peer scrutiny" of open source software
|
Tags |
socat |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears | J65nko | News | 0 | 12th January 2016 10:19 PM |
Security Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping | comet--berkeley | News | 6 | 13th April 2014 03:54 AM |
Security Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping | J65nko | News | 0 | 4th March 2014 10:59 PM |
Apache developers scramble to fix proxy flaw | J65nko | News | 0 | 25th November 2011 11:07 AM |
Security Security Flaw in the VTE Library | vermaden | News | 0 | 23rd November 2011 01:26 PM |