Saturday, December 01, 2007

Random number bug blights FreeBSD

More seriously, security researchers have discovered that it's possible for attackers to access the internal state tracking used in the pseudo-random number generators, random and urandom, bundled with FreeBSD. The flaw is akin to the bugs in pseudo-random generators within Windows XP and 2000 and has much the same effect. As such, the bug enables hackers to determine "random numbers" that underpin the security of encryption functions, such as SSL transactions.

Read the article HERE.

0 Comments:

Post a Comment

<< Home