On Wed, 4 Mar 2015, John Bartley K7AAY [email protected] wrote: > http://www.techrepublic.com/article/seagate-vulnerability-raises-questions-about-security-disclosures-and-proprietary-nas-solutions
Apparently a lot of ancient vulnerabilities are still present in current software releases. Yesterday's news was that Google and Apple are among the Web sites still using the 512-bit encryption madated by the feds as export-acceptable in the early- mid-1990s. Apparently, a moderately competent cryptanalyst with the power of ~15 servers (which can be accessed at AWS and other cloud computing providers) can extract the key in about 7 hours. Oops! For whatever the reason, they (and a bunch of others) never upgraded their encryption to 1024-bit or 2048-bit. Chrome is apparently not vulnerable, but Safari is. I don't have the URLs to the articles available or I'd post them here. Rich _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
