Cool new attack on static (non-EC) Diffie-Hellman in OpenSSL. Takes advantage of a timing vulnerability on the server side to extract the connection pre-master secret. Crypto implementations are hard. https://raccoon-attack.com/
-
-
there's a process that we use in-house borrowed from a long tradition in mission s/w engineering, I think tracing back to NASA: you write a spec, then have 2+ teams (blind to each other) implement it. Feed a lot of broken/edge case data. If there's a delta, likely a "spec bug".
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
