On Jun 9, 2008, at 11:54 AM, Leichter, Jerry wrote:
Computerworld reports:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818
[...]
Apparently earlier versions of this ransomware were broken because
of a
faulty implementation of the encryption. This one seems to get it
right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time
antivirus developer at another company, claims that Kaspersky is just
looking for publicity: The encryption in this case is done right and
there's no real hope of breaking it.
If there's just one key, then Kaspersky could get maximum press by
paying the ransom and publishing it. If there are many keys, then
Kaspersky
still has reached its press-coverage quota, just not as dramatically.
Speculation about this kind of attack has made the rounds for years.
It appears the speculations have now become reality.
But press gambits from security companies have been in the realm of
reality for
quite some time!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
