Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: The NSA paid $10 million to the security firm RSA to install a cryptographic backdoor.
The Lounge What is on Your Mind? The NSA paid $10 million to the security firm RSA to install a cryptographic backdoor. Post 302880687 by Neo on Sunday 22nd of December 2013 09:30:54 AM
Old 12-22-2013
More stories here:


RSA Warns Customers Off Suspected NSA-Tainted Crypto Tools

Products and companies who have had their Dual EC DRBG algorithm validated by NIST.

Dual_EC_DRBG - Wikipedia, the free encyclopedia

Quote:
On September 10, 2013, The New York Times wrote that "internal memos leaked by a former N.S.A. contractor, Edward Snowden, suggest that the N.S.A. generated one of the random number generators used in a 2006 N.I.S.T. standard — called the Dual EC DRBG standard — which contains a backdoor for the NSA. On September 10, 2013, The NIST Public Affairs Office director released a statement, saying that "NIST would not deliberately weaken a cryptographic standard.
See also:

RSA warns customers over NSA-compromised products

Quote:
RSA Security isn’t the only company using the compromised NIST standard. According to a list published by the standards organisation, McAfee, Symantec, Juniper Networks and BlackBerry are among others currently using Dual_EC_DRBG as specified under SP 800-90A.
This User Gave Thanks to Neo For This Post:
wisecracker
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Urgent Help...Pseudo-Device provides a Backdoor Entry to root.

Can Anybody help to create a pseudo-device and write a device driver for it. The pseudo-device provides a “backdoor” for gaining root access for a particular user. Instead of compiling the device driver into the kernel. Modules are object binaries that can be dynamically loaded into the kernel. ... (1 Reply)
Discussion started by: nyjilgeorge1
1 Replies

2. AIX

Seeking Paid AIX Support ? anyone know where ?

Hello, I was wondering if anyone knows about getting support for AIX ; This forum is a great place but if it has a section for $$$ AIX support where the experts can analyze and answer the questions/queries of the posters ? Is it possible to get any paid support on this forum ? (8 Replies)
Discussion started by: filosophizer
8 Replies

3. Shell Programming and Scripting

Matching 10 Million file records with 10 Million in other file

Dear All, I have two files both containing 10 Million records each separated by comma(csv fmt). One file is input.txt other is status.txt. Input.txt-> contains fields with one unique id field (primary key we can say) Status.txt -> contains two fields only:1. unique id and 2. status ... (8 Replies)
Discussion started by: vguleria
8 Replies

4. Red Hat

How do I install security patches with no internet access?

Hi, I'm pretty new to Linux and I want to download security patches and install them on RHEL 5.4. I've searched the red hat web site but cant seem to find where the download link is. (5 Replies)
Discussion started by: Jardoo
5 Replies

5. What is on Your Mind?

Increased paranoia of communication companies post NSA revelations

Hi all, I work in the communications field and often have to carry out data gathering/analysis on customer's platforms for issue diagnosis. In the last 2 months I have noticed a huge increase in distrust from African, Middle Eastern and Asian communication system operators of any data... (0 Replies)
Discussion started by: Skrynesaver
0 Replies

6. OS X (Apple)

I have a backdoor in my OS X? This is what I found in my bash history

That's what appears at the beginning of my bash history (when you type "open .bash_history" in terminal) sudo -k export PS1="";sudo echo AUTHENTICATED;echo RETRY exit export PS1="" sudo echo AUTHENTICATED ; sudo -k ; echo AUTHENTIKILL ; echo PROCESSEDAUTHENTICATION sudo ls;sudo -k;exit;echo... (1 Reply)
Discussion started by: jonathansmith
1 Replies

7. AIX

Best practices for sugroups for root ? backdoor user access ?

greetings, just ran across a fun situation we had overlooked. We have a backdoor user, no special privileges, which we put on every server so that anyone in the shop can get in (passwd in vault) if they need to, even if they don't have a local account on that server. The point of course is to... (3 Replies)
Discussion started by: maraixadm
3 Replies

8. What is on Your Mind?

Be aware. Coreboot and the NSA.

NSA Starts Contributing Low-Level Code to UEFI BIOS Alternative (0 Replies)
Discussion started by: wisecracker
0 Replies

LEARN ABOUT DEBIAN

webcommon.urlencode

WebCommon.urlEncode(3kaya)				       Kaya module reference					WebCommon.urlEncode(3kaya)

NAME

       WebCommon::urlEncode - URL encode a string

SYNOPSIS

       String urlEncode( String x )

ARGUMENTS

       x The string to encode

DESCRIPTION

       URL encode a string. You should use this to encode reserved characters in URLs that you wish to be passed literally.

    // trying to pass "http://www.example.com" as a parameter
    url = "http://localhost/test.cgi?url=";
    url += urlEncode("http://www.example.com");
    // url = http://localhost/test.cgi?url=http%3A%2F%2Fwww.example.com

       Note that in the example above, encoding the whole URL would be incorrect - that would create a relative URL beginning "http://".

AUTHORS

       Kaya standard library by Edwin Brady, Chris Morris and others (kaya@kayalang.org). For further information see http://kayalang.org/

LICENSE

       The  Kaya  standard  library  is  free  software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public
       License (version 2.1 or any later version) as published by the Free Software Foundation.

RELATED

       WebCommon.urlDecode(3kaya)

Kaya								   October 2012 					WebCommon.urlEncode(3kaya)
All times are GMT -4. The time now is 09:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy