Linux problems - OpenSSL
Wednesday, May 28th, 2008

The Daily Tech is reporting on a vulnerability in Linux that dates back to 2006 and makes any Linux machine an easier target for hackers.
It's basically two lines of code that cause the “secure keys” to be selected from a much narrower range than the full range they are meant to come from. So instead of getting 128-bit encryption you get much less; even though the keys look OK, they're not.
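The effect described above, as an added example that is not from the original post or from OpenSSL: a toy key generator whose output depends only on a small seed, and the audit a defender can run against it. The 15-bit seed range, `weak_keygen` and the other names are assumptions made for illustration; the post does not give the real range.

```python
import hashlib
import math
import secrets

SEED_BITS = 15   # assumed narrow seed range (illustration only)
KEY_BYTES = 16   # 128-bit keys, the size mentioned in the post


def weak_keygen(seed: int) -> bytes:
    """Toy model of the flaw: the key is a pure function of a small seed."""
    material = b"toy-keygen" + seed.to_bytes(4, "big")
    return hashlib.sha256(material).digest()[:KEY_BYTES]


def build_blocklist() -> set:
    """Enumerate every key the weak generator can ever emit."""
    return {weak_keygen(seed) for seed in range(2 ** SEED_BITS)}


def effective_bits(blocklist: set) -> float:
    """Real strength of a key drawn from this generator, in bits."""
    return math.log2(len(blocklist))


def audit(deployed: dict, blocklist: set) -> list:
    """Return the names of deployed keys that must be regenerated."""
    return sorted(name for name, key in deployed.items() if key in blocklist)


def sample_inventory() -> dict:
    """Constructed inventory: two keys from the weak generator, one sound."""
    return {
        "host-a": weak_keygen(1234),
        "host-b": weak_keygen(31999),
        "host-c": secrets.token_bytes(KEY_BYTES),  # OS CSPRNG, full range
    }


if __name__ == "__main__":
    blocklist = build_blocklist()
    for name, key in sample_inventory().items():
        # Every key is 16 bytes and looks equally random to the eye.
        print(name, key.hex())
    print("nominal bits:", KEY_BYTES * 8)
    print("effective bits:", effective_bits(blocklist))
    print("regenerate:", audit(sample_inventory(), blocklist))
```

Because the weak keys are indistinguishable by inspection, the only reliable check is membership in the enumerated set, followed by regenerating every key that matches on a system with a sound generator.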
The Daily Tech writes:
The error originated back in May 2006 when workers on the open-source security project committed a grave and unrealized error.
A simple programming error reduced the entropy in the generated program keys created by the OpenSSL library. Why does this matter? The OpenSSL library’s key generation and other routines are used by the SSH remote access program, the IPsec Virtual Private Network (VPN), the Apache Web server, secure email clients, programs that offer secure internet portals and more.