Just for the record, since this item is still being quoted:
- The reported weakness was a flaw in the *First Beta Release* of PasswordSafe
3.0
- The flaw has been fixed since the second beta, released in April 2006.
Rony
Hi,
- As has been pointed out, this is a BETA release, so it's a bit, er, inelegant
to describe this as a flaw in 3.0. Guess I'll have to bump the release number
when we fix this...
- At least this is an implementation flaw, as opposed to the format design flaw
that the good folks at
Title : PasswordSafe 3.0 weak random number generator allows key
recovery attack
Date : March 23, 2006
Product : PasswordSafe 3.0
Discovered by : ElcomSoft Co.Ltd.
Overview
==
PasswordSafe is a program
[EMAIL PROTECTED] wrote:
Title : PasswordSafe 3.0 weak random number generator allows
key recovery attack
Date : March 23, 2006
Product : PasswordSafe 3.0
Say, are you referring to /the/ PasswordSafe 3.0, you know, the one by
that Schneier guy, the one that's