Securing a computer?
So I have a situation where I would like to keep data secure. In my mind if I’m working on a computer that has no network connection, this is the safest....
This magazine is from a federated server and may be incomplete. Browse more on the original instance.
So I have a situation where I would like to keep data secure. In my mind if I’m working on a computer that has no network connection, this is the safest....
cross-posted from: reddthat.com/post/20097432...
Today, 16 years ago, Debian published a security advisory announcing CVE-2008-0166, a severe bug in their OpenSSL package that effectively broke the random number generator and limited the key space to a few ten thousand keys. The vulnerability affected Debian+Ubuntu between 2006 and 2008. In 2007, an email signature system...
cross-posted from: lemmy.ml/post/15178977...
There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?
cross-posted from: infosec.pub/post/11554206...
cross-posted from: infosec.pub/post/11143989...
wetdry.world/@ari/112230288896956003
cross-posted from: infosec.pub/post/10912691...
discuss.systems/
The XZ Utils backdoor, discovered last week, and the Heartbleed security vulnerability ten years ago, share the same ultimate root cause. Both of them, and in fact all critical infrastructure open source projects, should be fixed with the same solution: ensure baseline funding for proper open source maintenance.