Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Dreamhost tells customers to expose themselved to MitM attack->

Submitted by rstory
rstory (155367) writes "It appears that there was some sort of security breach at Dreamhost, and on Friday they decided to generate new SSH host keys for all their servers. This was done without any notification to their customers. The only mention is on their status blog page, which I'd venture to guess that most customers don't even know about, and there they tell all their customers to delete their old keys and accept the new ones. They seem to lack a basic understanding of public key cryptography: public keys are meant to be PUBLIC. Can anyone think of a good reason why a) they wouldn't send out an email in advance (or immediately afterwards) to notify their customers, and b) they wouldn't post a page of all the new keys for customers to be able to verify? This seems to be highly irresponsible."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Dreamhost tells customers to expose themselved to MitM attack

Comments Filter:

"Oh what wouldn't I give to be spat at in the face..." -- a prisoner in "Life of Brian"

Working...