Maybe someone ought to tell lifehacker this perspective, until Sam gets a
team together to fix it?
-a
On 23 October 2012 20:11, Steve Weis <[email protected]> wrote:
> Seconded. Do not use this extension in production.
>
> I briefly looked at the code and found some mistakes: unauthenticated
> encryption, use of ECB for larger than one block, use of 512-bit ElGamal
> keys, possible timing attack to recover secret key hash, possible entropy
> exhaustion DoS attack, etc.
>
> [deletia]
--
http://dropsafe.crypticide.com/aboutalecm
--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
