The proton beam safety shaver worked perfectly. Well, apart from not being able to distinguish between beards and users' braces. Still, good enough for indiegogo.
Posts by Frumious Bandersnatch
2662 publicly visible posts • joined 8 Nov 2007
Page:
Caption this: WIN a 6TB Western Digital Black hard drive with El Reg
WIN a 6TB Western Digital Black hard drive with El Reg
Chuffed with adding gait analysis to its self-destructing phones, the FBI begins porting to laptops.
German surfers blitzed by widespread malvertising campaign
VMWare used to offer a VM with Firefox installed a number of years back. Seems like a pretty good idea since for most people, the web browser is going to be the main point of entry for nasties. The link to follow seems to be this one, though it points to an external site (http://browser.shell.tor.hu/) that I'd never heard of before.
Still, most readers here probably don't need for someone else to package up things for them. It's easy to install a minimal OS and browser in a free VM systems (eg, VirtualBox) or do the same with Docker. Most malware won't be aware that it's running in a virtualised environment, and even if it is, it probably won't have any exploits to allow it to escape.
Experts ponder improbable size of Cleopatra's asp
El Reg celebrates Back to the Future Day
Temperature of Hell drops a few degrees – Microsoft emits SSH-for-Windows source code
Re: Good.
but Microsoft has ported some of it to CentOS, Debian GNU/Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux Enterprise Server, and Ubuntu Server
But they're all just "Linux". I don't see the point in saying that they ported to this distro and that one when they're all essentially the same target assuming they use standard tools like autoconf.
Let's talk about that NSA Diffie-Hellman crack
Re: Hard coded primes?
I can't believe that we'd leave such an obvious vulnerability
The thing is, it wasn't obvious. Lots of talented people have looked at the algorithm since it was first published and it was believed that the choice of prime didn't adversely impact the security of the algorithm in a way that was practical enough to exploit. Kind of like how HMAC constructions are believed to be secure even with slightly dodgy/insecure hash functions as the building block.
This is a good result. It doesn't mean that the DH key exchange protocol is fundamentally broken, I think. It will definitely need some tweaks to eliminate this vulnerability completely, and in the meanwhile I expect that we'll see a flurry of papers with people proposing different approaches to mitigating the weakness in short order.
It's also great to know what the "bad guys" (the guys with the most CPU power and storage space) are up to, since up until this point we didn't really know how they might be approaching the problem.
You may still feel that it's wrong that the vulnerability was there in the first place, but maths and cryptography is an uncertain business. Things take time to crack, then we understand why, and only then can we try to fix those faults. Nothing can ever be guaranteed to be completely secure and future-proof (except maybe quantum crypto). We just have to use the best tools available to us at any given time and balance it against the risk of future (or unknown present) attacks.