An attack on TCP/TLS has now been detected at broad scale, and traced
back to the bug responsible (client-side Heartbleed) and the probable
attacker (agency with massive pipe access, e.g. NSA).
This attack more fully informs the reason for the existence of the
group. It less directly informs the technical solutions, and indeed
might just cause confusion as there is room for both sides to claim "I
told you so!" :)
http://cryptome.org/2015/04/goodcrypto-attacked.htm
... In early 2015 people were still downloading our ISO file for
GoodCrypto. But suddenly installations stopped.
After a lot of checking we noticed that the downloads got HTTP 200
result codes, but the lengths were all too short. This isn't supposed to
happen. A 200 result means success. These weren't successful downloads,
but the web logs said they were. Ordinary log checks didn't show the
bug. ...
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
