I thought this might interest the list:
Vulnerability in Cyberoam DPI devices [30 Jun 2012] (CVE-2012-3372)
===
Cyberoam make a range of DPI devices (http://www.cyberoamworks.com/)
which are capable of intercepting SSL connections.
Noon Silk wrote:
From:
http://blog.cryptographyengineering.com/2012/06/bad-couple-of-years-for-cryptographic.html
Here's the postage stamp version: due to a perfect storm of (subtle,
but not novel) cryptographic flaws, an attacker can extract sensitive
keys from several popular cryptographic
Sadly, I worry this scenario may not be all that unique.
While I have no first had experience or confirmation, some tech notes on
WebSense's site indicate they ship with a default root.
See
http://www.websense.com/content/support/library/web/v76/wcg_help/c_int_rt.aspxwhich
states;
Important
The
ANNOUNCING Tahoe, the Least-Authority File System, v1.9.2
The Tahoe-LAFS team is pleased to announce the immediate
availability of version 1.9.2 of Tahoe-LAFS, an extremely
reliable distributed storage system. Get it here:
https://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/quickstart.rst
On Mon, Jul 2, 2012 at 3:04 PM, Erwann Abalea eaba...@gmail.com wrote:
2012/7/2 Thor Lancelot Simon t...@panix.com
[...]
Besides PGP, what other standard, widely-deployed protocols require the
use of padding types other than OAEP?
TLS, up to v1.2. PKCS#1v1.5 is mandatory.
The TPM