|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|||
OpenSSL fixes bug, gets dissed by German gov: That's so random ... not
The Register, 4 February 2016
Days after fixing a rare but dangerous key recovery attack, the developers of OpenSSL have been dealt a fresh blow with a poor review of the technology from a German government agency. An extensive security study and code review on OpenSSL by Sirrix AG (and sponsored by the BSI (Bundesamt für Sicherheit in der Informationstechnik, a German federal government agency)1 returned multiple problems in the software. The report (German language original and official English language summary) highlights multiple issues with the RNG (Random Number Generator, a core component of crypto systems) and compiler flags. http://www.theregister.co.uk/2016/02...man_gov_audit/
__________________
When you see a good move, look for a better one. --Lasker Last edited by comet--berkeley; 6th February 2016 at 08:21 PM. Reason: fix spacing |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
OpenSSL 1.0.1k released with 8 security fixes | shep | News | 3 | 16th January 2015 11:47 AM |
OpenSSL fixes DoS bug in recent bug fix | J65nko | News | 0 | 20th January 2012 12:02 AM |
Attacks on German mTAN banking users | J65nko | News | 1 | 5th April 2011 09:38 PM |
New version of OpenSSL fixes two vulnerabilities | J65nko | News | 0 | 9th December 2010 02:56 AM |
New Internet Legislation Embarrasses German Government | J65nko | News | 0 | 18th February 2010 11:03 PM |