Day: 28 August 2008
-
Debian SSH keys
The Debian SSH key fiasco from earlier this year is starting to bear bad fruit. The original issue ( listed earlier in this blog ) is that the Debian project took out some code from the SSH source as part of a code cleansing exercise – this code unfortunately was responsible for inserting randomness into…
-
More global internet issues – BGP
Some security researchers have found a vulnerability in the BGP ( Border Gateway Protocol ) routing protocol that could allow one to intercept internet traffic on a scale not possible before, except by a group such as the NSA with their Echelon project. The attack exploits a man-in-the-middle type vulnerability in BGP to monitor and…