Jim Youll
Mon, 09 Jun 2008 14:37:27 -0700
On Jun 9, 2008, at 11:54 AM, Leichter, Jerry wrote:
Computerworld reports: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818 [...]Apparently earlier versions of this ransomware were broken because of afaulty implementation of the encryption. This one seems to get it right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time antivirus developer at another company, claims that Kaspersky is just looking for publicity: The encryption in this case is done right and there's no real hope of breaking it.
If there's just one key, then Kaspersky could get maximum press bypaying the ransom and publishing it. If there are many keys, then Kaspersky
still has reached its press-coverage quota, just not as dramatically.
Speculation about this kind of attack has made the rounds for years. It appears the speculations have now become reality.
But press gambits from security companies have been in the realm of reality for
quite some time! --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]