|
|||
|
|||
|
|||
|
|||
|
|||
| Webmaster rambling and mental notes | |||
|
|||
|
|||
|
|||
|
|
|
|
|
 |
||
|
|||
|
|||
|
2/10/2008 - OpenBSD Will Not Fix PRNG Weakness Snake-oil-security writes "Last fall Amit Klein found a serious weakness in the OpenBSD PRNG (pseudo-random number generator), which allows an attacker to predict the next DNS transaction ID. The same flavor of this PRNG is used in other places like the OpenBSD kernel network stack. Several other BSD operating expenses systems copied the OpenBSD code for their own PRNG, so they're vulnerable too; Apple's Darwin-based Mac OS X and Mac OS X Server, and also NetBSD, FreeBSD, and DragonFlyBSD. All the above-mentioned vendors were contacted in november 11 2007. FreeBSD, NetBSD, and DragonFlyBSD committed a fix to their respective source code trees, Apple refused to provide any schedule for a fix, but OpenBSD decided not to fix it. OpenBSD's coordinator stated, in an email, that OpenBSD is completely uninterested in the problem and that the problem is completely irrelevant in the real world. This was highlighted of late when Amit Klein posted to the BugTraq list." Read more of this story at Slashdot. More: - Continued here Mark
Technorati Tags: amit klein, and dragonflybsd, completely, dragonflybsd, freebsd, klein, netbsd, openbsd, problem, the openbsd, the problem
Filed under: amit klein, and dragonflybsd, completely, dragonflybsd, freebsd, klein, netbsd, openbsd, problem, the openbsd, the problem Post A Comment! Share and enjoy |
||
|
|||
|
|||
|
|||
|
|||
|
|||
| MARVEL, SPIDER-MAN, DOCTOR OCTOPUS and all MARVEL character names and distinctive likenesses thereof: TM 2003 Marvel Characters, Inc. All Rights Reserved. MARVEL and SPIDER-MAN: Trademarks registered in the USA and certain other countries. 2003 Sony Pictures Digital Inc. All rights reserved. |