March 9, 2010

‘Severe’ OpenSSL Vulnerability Reported

From the One Ping Only dept.:
Computer scientists say they’ve discovered a “severe vulnerability” in the world’s most widely used software encryption package that allows them to retrieve a machine’s secret cryptographic key.

…The scientists, from the University of Michigan’s electrical engineering and computer science departments, said the bug is easily fixed by applying cryptographic “salt” to an underlying error-checking algorithm. The additional randomization would make the attack unfeasible.

An OpenSSL official, who asked that his name not be published, said engineers are in the process of pushing out a patch and stressed the attack is difficult to carry out in real-world settings.

Share and Enjoy:
  • RSS
  • email
  • Add to favorites
  • Twitter
  • Digg
  • del.icio.us
  • Facebook
  • blogmarks
  • FriendFeed
  • Reddit
  • Slashdot
  • StumbleUpon
  • Suggest to Techmeme via Twitter
  • Technorati

Related Posts

    Filed under Uncategorized by

    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading ... Loading ...

    Leave a Comment

    Fields marked by an asterisk (*) are required.

    CAPTCHA Image
    *

    Rss Feed Tweeter button Facebook button Technorati button Reddit button Myspace button Webonews button Delicious button Digg button Stumbleupon button
    All trademarks and copyrights owned by their respective owners and are used for illustration only
    Kokopelli Creative Web Design
    igele1,oguyannsea1,oguyannsea1,oguyannsea1,igele1,oguyannsea1,oguyannsea1,kepolesen1,igele1,oguyannsea1,igele1,kepolesen1,oguyannsea1,oguyannsea1,igele1,