this post was submitted on 14 Nov 2023
52 points (100.0% liked)

cybersecurity

3374 readers
14 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 2 years ago
MODERATORS
 

I read most of this article trying to determine if I was impacted, so to save you the trouble:

The researchers traced the keys they compromised to devices that used custom, closed-source SSH implementations that didn’t implement the countermeasures found in OpenSSH and other widely used open source code libraries.

top 3 comments
sorted by: hot top controversial new old
[–] ghostface 10 points 1 year ago

You da real mvp

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago)

tldr 1 in a million RSA keys are vulnerable

[–] [email protected] 1 points 1 year ago

I migrated most of my keys to ed25519 a while ago, I probably should keep going