Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.


How the Debian OpenSSL bug almost spawned a disaster

When news broke last year about the serious flaw in the Debian OpenSSL pseudorandom number generator, security experts knew it was a serious problem and warned users to regenerate any keys that had been created using the vulnerable versions of the OpenSSL package. More here

Nate Lawson, an expert on cryptography, today described in detail why the situation could have turned out much differently: Not only was every key that had been generated by the vulnerable versions compromised, so was every key used on systems running those vulnerable versions of Debian.

No Response to “How the Debian OpenSSL bug almost spawned a disaster” »

No comments yet.

RSS feed for comments on this post.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.