On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] [more inside]
posted by finite on May 16, 2008 - 81 comments

a good reason to dump telnet for ssh: The main goal of the HUNT project is to develop tool for exploiting well known weaknesses in the TCP/IP protocol suite. I tried to implement some 'new' features which I didn't see in any free product. (connection synchronization after attack, ARP relayer, ...)
posted by greyscale on Dec 20, 1999 - 0 comments