On 080515 at 22:20, Guido Hennecke wrote:
> I want to say: Thank you!

Me too, but mostly for how quick+open the situation was and is handled.
I especially like that sshd doesn't accept weak keys anymore. I think similar efforts should be made to check for weak keys in other locations and at least notify root, better yet move them to .broken

> Why? The Debian developers seem the only developers who investigated
> the openssl code and not just used it. They found a strange thing in
> the OpenSSL Code, asked the OpenSSL people and after all, they removed
> the potentially dangerous code piece.

For what it's worth... I see 3.5 problems that accumulated into this mess:

- OpenSSL is complex and critical but the code is little documented. Code pieces like the ones in question should have warning-labels printed all over them and a distinguished place and interface.
- There are published algorithms for good PRNGs, no need to help yourself with adding uninitialized memory and praying the OS does a good job already.
- I don't know how much of an effort was made to get the fix into upstream, but it seems it wasn't enough. Not enough to get a sufficient level of peer review. Instead it was decided to manage yet another debian-specific patch.
- (In theory, for critical software, a testcase should have been written to verify the problem and its solution. Difficult to test randomness if you don't know what to search for, though. But maybe it would have been noticed this way that the function in question actually has a different interface.)

Anyways, thanks for the good incident response..

/Steffen

