Vault Tec   All about the Kinder™
I am the CEO/Co-founder of E29 Incorporated. I've been in the software industry for ten years now, have experience in about ten different computer languages, and once wrote a 60,000 line web application in three months without caffeine. I really wouldn't want to do that again.

Debian Massive Fail

If any of you guys are running Ubuntu or Debian distros after the Sept 2006 0.9 build, make sure you upgrade your server ASAP: a major SSH security issue has been found.

Apparently someone was mucking around in the SSH code and broke the random number generator. When I say broke, I mean it reduced the possible key values from the billions to just 32,767 keys. Metasploit has already generated a package with all possible 1024, 2048 and 4096-bit keys for Debian-based systems.

Naturally the OSS fanboys on Digg/Reddit are downplaying the exploit by saying “At least it’s not windoze”.

If I was running Windows as my server OS, I wouldn’t be regenerating a few hundred SSH keys right now, asshats.
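When there are a few hundred keys to regenerate, the first job is finding which `authorized_keys` entries are affected: fingerprint each key and compare it to a list of known-weak fingerprints. The script below is an added example, not part of the original post; the sample keys and the blocklist are constructed, and in practice the blocklist would be the published list of weak Debian key fingerprints.

```python
import base64, hashlib, struct

KEY_TYPES = (b"ssh-rsa", b"ssh-dss")

def fingerprint(field):
    """Return (key_type, md5_hex) if field is a base64 OpenSSH key blob, else None."""
    try:
        blob = base64.b64decode(field, validate=True)
    except ValueError:          # not base64: an option, key-type token or comment
        return None
    if len(blob) < 4:
        return None
    (n,) = struct.unpack(">I", blob[:4])   # blob starts with a length-prefixed type name
    ktype = blob[4:4 + n]
    if ktype not in KEY_TYPES:
        return None
    return ktype.decode(), hashlib.md5(blob).hexdigest()

def audit(authorized_keys_text, weak_fingerprints):
    """Return [(line_no, key_type, md5_hex)] for keys found on the blocklist."""
    hits = []
    for line_no, line in enumerate(authorized_keys_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Options may precede the key, so test each field instead of assuming field 2.
        for field in line.split():
            fp = fingerprint(field)
            if fp:
                if fp[1] in weak_fingerprints:
                    hits.append((line_no, fp[0], fp[1]))
                break
    return hits

def sample_key(body):
    """Constructed blob with a valid ssh-rsa header; not a real key."""
    return base64.b64encode(struct.pack(">I", 7) + b"ssh-rsa" + body).decode()

WEAK = sample_key(b"constructed-weak-key-material")
GOOD = sample_key(b"constructed-good-key-material")
SAMPLE = f"""# constructed authorized_keys file
ssh-rsa {GOOD} alice@laptop
command="/usr/bin/backup",no-pty ssh-rsa {WEAK} backup@oldbox
"""
BLOCKLIST = {fingerprint(WEAK)[1]}   # constructed stand-in for the published list

if __name__ == "__main__":
    for line_no, ktype, fp in audit(SAMPLE, BLOCKLIST):
        print(f"line {line_no}: {ktype} {fp} is blocklisted, replace this key")
```

Removing a flagged entry is only half the fix: the matching private key and any host keys generated on an affected system have to be regenerated as well.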
