Security

Microsoft Opens Vulnerability Bounty Program For Spartan Browser 53

jones_supa writes: As it did in the past when it tried to make Internet Explorer more secure, Microsoft has launched a new bug bounty program for Spartan browser, the default application of Windows 10 for surfing the information highway. A typical remote code execution flaw can bring between $1,500 and $15,000, and for the top payment you also need to provide a functioning exploit. The company says that it could pay even more than that, if you convince the jury on the entry quality and complexity. Sandbox escape vulnerabilities with Enhanced Protected Mode enabled, important or higher severity vulnerabilities in Spartan or its engine, and ASLR info disclosure vulnerabilities are also eligible. If you want to accept the challenge, Microsoft provides more information on how to participate.

Submission + - OpenSSH has a new cipher, chacha20-poly1305, from D.J. Bernstein!

ConstantineM writes: Inspired by a recent Google initiative to adopt ChaCha20 and Poly1305 for TLS, OpenSSH developer Damien Miller has added a similar protocol to ssh, chacha20-poly1305@openssh.com, which is based on D. J. Bernstein's algorithms that are specifically optimised to provide the highest security at the lowest computational cost, and do not require any special hardware to do so. Some further details are in his blog, and at undeadly. The source code of the protocol is remarkably simple — less than 100 lines of code!

Comment Re:Version numbers (Score 2) 188

Google has grabbed a bunch of open source libraries, sometimes respecting the license, hacked on them, and rolled them into Chrom*.

If you have any cases where you think that Chrome is failing to comply with the terms of a free software license, then please file a bug at http://code.google.com/p/chromium/issues/list - we take license compliance very seriously. (I'm a Google engineer, though not working on Chrome).

Comment Re:OpenSSH is not vulnerable (Score 4, Informative) 31

No, it is not vulnerable to this attack. The Brumley/Tuveri paper describes a timing leak in a specific algorithm that is only used for elliptic curve crypto over binary/GF(2^m) fields. OpenSSH uses ECC over prime fields that use different algorithms that have no known timing leaks. A result against ECC using prime fields would be more difficult because the curve point components are integers and so can use well-tested modular arithmetic code.
