[PapaBear3625]

Commentary from Daily Tech:

A simple programming error reduced the entropy in the generated program keys created by the OpenSSL library. Why does this matter? The OpenSSL library's key generation and other routines are used by the SSH remote access program, the IPsec Virtual Private Network (VPN), the Apache Web server, secure email clients, programs that offer secure internet portals and more.

In a nutshell, a 128-bit encryption key, instead of having 10^38 possible values (making it effectively impossible to guess they key), really only has 32,767 possible values, meaning that guessing the key becomes trivial

All your encryption keys are belong to us

[PapaBear3625]

Preliminary tech ping

[Da Coyote]

And what liberal arts degree did this “programmer” have? Obviously no math degree.

[edcoil]

So you get something for free and what - demand it is as secure as something you pay for? Silly people.

[LiberConservative]

... cracking the keys of these poor Linux and Ubuntu computer systems ...

Butbutbutbut I thought only evil Windows systems were vulnerable. /sarc

[Eddie01]

Bill Gates, is that you?

[ezsmoke]

debian screwed up and modified something they shouldn’t have. The OpenSSL Project itself does not have the bug nor does any non-debian based system.

[ShadowAce]

[BreitbartSentMe]

Bookmarking for later

[CodeToad]

ROTFLMAO!!!

Geez, I thought open source meant “thousands of programmers” would review the source code and therefore the source code would be secure. WHAT A GAFF!

[antiRepublicrat]

Ask for 128-bit and only get 15-bit? That’s a big screw-up.

[ShadowAce]