-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
An anonymous contributor has risked his life and honor for
mirroring the Petko D. Petkov mailbox on Rapidshare. We appreciate
this act of justice and wish him our best luck on any of his future
endeavors. Justice prevails.
The new mirrors:
http://rapi
Dan Kaminsky wrote:
>
>
> Eric Rescorla wrote:
>> At Fri, 8 Aug 2008 17:31:15 +0100,
>> Dave Korn wrote:
>>
>>> Eric Rescorla wrote on 08 August 2008 16:06:
>>>
>>>
At Fri, 8 Aug 2008 11:50:59 +0100,
Ben Laurie wrote:
> However, since the CRLs will almost certain
| > You can get by with a lot less than 64 bits. People see problems
| > like this and immediately think "birthday paradox", but there is no
| > "birthday paradox" here: You aren't looking for pairs in an
| > ever-growing set, you're looking for matches against a fixed set.
| > If you use 30-bit has
It did seem strange that openid was singled out. The publicity will be only
beneficial, however. Openid had no pretensions to grandeur in the higher
assurance arena, of course. Now it is getting more relevant, of course increasing
relevancy now begs the question: should that stance continue? Who wa
On Fri, Aug 08, 2008 at 12:35:43PM -0700, Paul Hoffman wrote:
> At 1:47 PM -0500 8/8/08, Nicolas Williams wrote:
> >On Fri, Aug 08, 2008 at 02:08:37PM -0400, Perry E. Metzger wrote:
> >> The kerberos style of having credentials expire very quickly is one
> >> (somewhat less imperfect) way to deal w
At Fri, 8 Aug 2008 15:52:07 -0400 (EDT),
Leichter, Jerry wrote:
>
> | > > Funnily enough I was just working on this -- and found that we'd
> | > > end up adding a couple megabytes to every browser. #DEFINE
> | > > NONSTARTER. I am curious about the feasibility of a large bloom
> | > > filter tha
Ben Laurie:
If you have a better forum, bring it on.
However, CAs do not have everything at their disposal to remove the
threat. Browsers, OpenID libraries and RPs must also participate.
Yes! First of all you've got the dev.tech.crypto mailing list at Mozilla
where this issue has been dis
On Fri, Aug 08, 2008 at 11:20:15AM -0700, Eric Rescorla wrote:
> Why do you say a couple of megabytes? 99% of the value would be
> 1024-bit RSA keys. There are ~32,000 such keys. If you devote an
> 80-bit hash to each one (which is easily large enough to give you a
> vanishingly small false positiv
[Sorry for duplicates, but I got multiple requests for a non-HTML
version, and I didn't want to fork the thread. Also sorry for
initially sending HTML; I didn't realize it was so abhorrent these
days. ]
On Fri, Aug 8, 2008 at 1:43 PM, Dan Kaminsky <[EMAIL PROTECTED]> wrote:
>>
>> It's easy to comp
| > > Funnily enough I was just working on this -- and found that we'd
| > > end up adding a couple megabytes to every browser. #DEFINE
| > > NONSTARTER. I am curious about the feasibility of a large bloom
| > > filter that fails back to online checking though. This has side
| > > effects but pe
On Fri, Aug 08, 2008 at 11:20:15AM -0700, Eric Rescorla wrote:
> At Fri, 08 Aug 2008 10:43:53 -0700,
> Dan Kaminsky wrote:
> > Funnily enough I was just working on this -- and found that we'd end up
> > adding a couple megabytes to every browser. #DEFINE NONSTARTER. I am
> > curious about the f
At 1:47 PM -0500 8/8/08, Nicolas Williams wrote:
>On Fri, Aug 08, 2008 at 02:08:37PM -0400, Perry E. Metzger wrote:
>> The kerberos style of having credentials expire very quickly is one
>> (somewhat less imperfect) way to deal with such things, but it is far
>> from perfect and it could not be
Ben Laurie:
On Fri, Aug 8, 2008 at 12:44 PM, Eddy Nigg (StartCom Ltd.)
<[EMAIL PROTECTED]> wrote:
This affects any web site and service provider of various natures. It's not
exclusive for OpenID nor for any other protocol / standard / service! It may
affect an OpenID provider if it uses a c
Dick Hardt:
On 8-Aug-08, at 10:11 AM, Ben Laurie wrote:
It also only fixes this single type of key compromise. Surely it is
time to stop ignoring CRLs before something more serious goes wrong?
Clearly many implementors have chosen to *knowingly* ignore CRLs
despite the security impli
On Fri, Aug 08, 2008 at 02:08:37PM -0400, Perry E. Metzger wrote:
> The kerberos style of having credentials expire very quickly is one
> (somewhat less imperfect) way to deal with such things, but it is far
> from perfect and it could not be done for the ad-hoc certificate
> system https: depends
On Fri, Aug 8, 2008 at 1:43 PM, Dan Kaminsky <[EMAIL PROTECTED]> wrote:
> It's easy to compute all the public keys that will be generated
>> by the broken PRNG. The clients could embed that list and refuse
>> to accept any certificate containing one of them. So, this
>> is distinct from CRLs in th
On 8-Aug-08, at 10:11 AM, Ben Laurie wrote:
>
> It also only fixes this single type of key compromise. Surely it is
> time to stop ignoring CRLs before something more serious goes wrong?
Clearly many implementors have chosen to *knowingly* ignore CRLs
despite the security implications, so my tak
* Eric Rescorla:
> Why do you say a couple of megabytes? 99% of the value would be
> 1024-bit RSA keys. There are ~32,000 such keys.
There are three sets of keys, for big-endian 32-bit, little-endian
32-bit and little-endian 64-bit. On top of that, "openssl genrsa"
generates different keys depen
http://cwcougar.googlepages.com/c99.txt
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
On Fri, Aug 8, 2008 at 8:40 PM, Great Council of Internet Superheros
<[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Oh snap. That goes beyond your power, friendo.
>
> All the best,
> the Council.
> PS: Nice to meet you rocky.
>
Who the fuck is rocky?
All the best
On Fri, Aug 8, 2008 at 8:27 PM, Eddy Nigg (StartCom Ltd.)
<[EMAIL PROTECTED]> wrote:
> Ben Laurie:
>
> On Fri, Aug 8, 2008 at 12:44 PM, Eddy Nigg (StartCom Ltd.)
> <[EMAIL PROTECTED]> wrote:
>
>
> This affects any web site and service provider of various natures. It's not
> exclusive for OpenID nor
On Fri, Aug 8, 2008 at 7:54 PM, Tim Dierks <[EMAIL PROTECTED]> wrote:
> Using this Bloom filter calculator:
> http://www.cc.gatech.edu/~manolios/bloom-filters/calculator.html , plus the
> fact that there are 32,768 weak keys for every key type & size, I get
> various sizes of necessary Bloom filter
Stop spamming Full-Disclosure or I'll get your Hushmail account
terminated and your parents informed.
All the best,
n3td3v
Eric Rescorla wrote:
> At Fri, 8 Aug 2008 17:31:15 +0100,
> Dave Korn wrote:
>
>> Eric Rescorla wrote on 08 August 2008 16:06:
>>
>>
>>> At Fri, 8 Aug 2008 11:50:59 +0100,
>>> Ben Laurie wrote:
>>>
However, since the CRLs will almost certainly not be checked, this
means t
Eric Rescorla <[EMAIL PROTECTED]> writes:
>It's easy to compute all the public keys that will be generated
>by the broken PRNG. The clients could embed that list and refuse
>to accept any certificate containing one of them. So, this
>is distinct from CRLs in that it doesn't require knowing
>which
At Fri, 08 Aug 2008 10:43:53 -0700,
Dan Kaminsky wrote:
> Eric Rescorla wrote:
> > It's easy to compute all the public keys that will be generated
> > by the broken PRNG. The clients could embed that list and refuse
> > to accept any certificate containing one of them. So, this
> > is distinct from
On Fri, 8 Aug 2008, Dave Korn wrote:
| > Isn't this a good argument for blacklisting the keys on the client
| > side?
|
| Isn't that exactly what "Browsers must check CRLs" means in this
| context anyway? What alternative client-side blacklisting mechanism
| do you suggest?
Since the list of bad
Note ripped code by ZMDA.
It was recently discovered that a 'member of the underground' released an
exploit, which exploits a vulnerability in the ADNS resolver.
Apparently, he didn't write this exploit, nor did he do much modification to
the exploit he leeched.
This is the real exploit, written
Dick Hardt wrote:
On 8-Aug-08, at 10:11 AM, Ben Laurie wrote:
It also only fixes this single type of key compromise. Surely it is
time to stop ignoring CRLs before something more serious goes wrong?
Clearly many implementors have chosen to *knowingly* ignore CRLs
despite the security
"Ben Laurie" <[EMAIL PROTECTED]> writes:
>> It's easy to compute all the public keys that will be generated
>> by the broken PRNG. The clients could embed that list and refuse
>> to accept any certificate containing one of them. So, this
>> is distinct from CRLs in that it doesn't require knowing
*cough* http://codefromthe70s.org/sslblacklist.asp *cough*
--
Dan Guido
On Fri, Aug 8, 2008 at 12:57 PM, Eric Rescorla <[EMAIL PROTECTED]> wrote:
> At Fri, 8 Aug 2008 17:31:15 +0100,
> Dave Korn wrote:
>>
>> Eric Rescorla wrote on 08 August 2008 16:06:
>>
>> > At Fri, 8 Aug 2008 11:50:59 +0100,
Eric Rescorla wrote on 08 August 2008 17:58:
> At Fri, 8 Aug 2008 17:31:15 +0100,
> Dave Korn wrote:
>>
>> Eric Rescorla wrote on 08 August 2008 16:06:
>>
>>> At Fri, 8 Aug 2008 11:50:59 +0100,
>>> Ben Laurie wrote:
However, since the CRLs will almost certainly not be checked, this
mea
At Fri, 8 Aug 2008 17:31:15 +0100,
Dave Korn wrote:
>
> Eric Rescorla wrote on 08 August 2008 16:06:
>
> > At Fri, 8 Aug 2008 11:50:59 +0100,
> > Ben Laurie wrote:
> >> However, since the CRLs will almost certainly not be checked, this
> >> means the site will still be vulnerable to attack for th
Eric Rescorla wrote on 08 August 2008 16:06:
> At Fri, 8 Aug 2008 11:50:59 +0100,
> Ben Laurie wrote:
>> However, since the CRLs will almost certainly not be checked, this
>> means the site will still be vulnerable to attack for the lifetime of
>> the certificate (and perhaps beyond, depending on
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200808-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200808-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200808-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On Fri, Aug 8, 2008 at 5:57 PM, Eric Rescorla <[EMAIL PROTECTED]> wrote:
> At Fri, 8 Aug 2008 17:31:15 +0100,
> Dave Korn wrote:
>>
>> Eric Rescorla wrote on 08 August 2008 16:06:
>>
>> > At Fri, 8 Aug 2008 11:50:59 +0100,
>> > Ben Laurie wrote:
>> >> However, since the CRLs will almost certainly n
At Fri, 8 Aug 2008 11:50:59 +0100,
Ben Laurie wrote:
> However, since the CRLs will almost certainly not be checked, this
> means the site will still be vulnerable to attack for the lifetime of
> the certificate (and perhaps beyond, depending on user
> behaviour). Note that shutting down the site D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ON WITH THE SHOW!
All set to go. Join the files and enjoy the read.
Love,
the Great Council of Internet Superheros.
"To protect exposure and serve ruin."
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On with the show!
This is it, all 7 parts. Enjoy the weekend!
Hopefully you know how to join the files, as long as you aren't
Nate Lawson, it should be fine.
Love,
the Great Council of Internet Superheros.
"To protect exposure and serve ruin."
-B
On Fri, Aug 8, 2008 at 12:44 PM, Eddy Nigg (StartCom Ltd.)
<[EMAIL PROTECTED]> wrote:
> This affects any web site and service provider of various natures. It's not
> exclusive for OpenID nor for any other protocol / standard / service! It may
> affect an OpenID provider if it uses a compromised key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
There it goes.
Love,
the Great Council of Internet Superheros.
"To protect exposure and serve ruin."
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0
wpwEAQMCAAYFAk
Since openid is essentially a url resolver security design concept (assuming
it's not a native xri resolver case), openid2 does feel a bit more exposed to
the consequences of particular construction they laid out. The whole mapping of
"identity" via http - the heart of the openid concept -requir
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Antifreedom fighters have shut down one of the mirrors. Here be the
sauce.
We are requesting mirrors and fellow righteous superheros to
promptly archive the files (including Petko D. Petkov, pdp's
mailbox RAR volumes), exercising your rights of freedom
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
1. SUMMARY
Product : Vim -- Vi IMproved
Version : Vim >= 7.0 (possibly older), present in 7.2c.002
autoload/tar.vim >= 9 (possibly older), present in version 20
Impact : Arbitrary code execution
Wherefrom: Local, remote
CVE
Ben Laurie:
Security Advisory (08-AUG-2008) (CVE-2008-3280)
===
Ben Laurie of Google's Applied Security team, while working with an
external researcher, Dr. Richard Clayton of the Computer Laboratory,
Cambridge University, found that various OpenID Pro
We have been following up on Ben Laurie's advisory and have replaced the
faulty certificate with a new one. In addition we created an advisory
for our users that outlines some general precautions they should take:
http://blog.beuchelt.org/2008/08/07/Some+Security+Advice+For+Our+OpenID+Users.aspx
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
1. SUMMARY
Product : Vim -- Vi IMproved
Version : Vim >= 7.0 (possibly older), fixed in 7.2c.002
autoload/tar.vim version >= 9 (possibly older)
Impact : Arbitrary code execution
Wherefrom: Local, remote
Origi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Finally, the Great Council of Internet Superheros has been granted
permission to release this month's Internet Justice magazine,
featuring Petko D. Petkov, the German Honeynet fellows and Tom
Ferris, of Security-protocols.com fame, with excerpts of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 08 Aug 2008 01:00:37 +0200 "Petko D. Petkov"
<[EMAIL PROTECTED]> wrote:
>was that 0day within the Google infrastructure or somewhere else?
>
>On Thu, Aug 7, 2008 at 11:39 PM, Petko D. Petkov
><[EMAIL PROTECTED]> wrote:
>> you win... and you are
Security Advisory (08-AUG-2008) (CVE-2008-3280)
===
Ben Laurie of Google's Applied Security team, while working with an
external researcher, Dr. Richard Clayton of the Computer Laboratory,
Cambridge University, found that various OpenID Providers (OPs) h
A new malware, assigned to Trojan category, was discovered on 7th Aug.
It uses malicious links including the string www.google.com.id... pointing to
.cn domains.
More information at
http://www.sophos.com/security/blog/2008/08/1632.html
and
http://blog.facebook.com/blog.php?post=25844207130
Juha