Home page logo

dailydave logo Dailydave mailing list archives

Re: tubes clogged
From: Thorsten Holz <thorsten.holz () gmail com>
Date: Tue, 30 Dec 2008 10:24:40 +0100

On 30.12.2008, at 02:18, Fyodor wrote:

"...their research required massive computational resources that  
had to be
utilized within a specific window of time": indicates some form of
brute-force cryptokey cracking.

the "specific window of time" bit makes me think of some sort of
session keys, heh :)

Also, somehow the "abusing the Internet" thing  became synonymical to
"abusing internet routing protocols" (otherwise why everyone is
bringing up the BGP issue). Can't there be other things to be abused?
like authentication certs, PKI infrastructures, authentication
mechanisms to control domain naming, RIPE or other registrar databases
... ?

The rumors I heard during 25C3 are that they broke a Root CA key that  
is included in major browsers. This would enable creating fake  
websites with a valid SSL-key, clearly a major threat...

Unfortunately I already had to leave Berlin, but the live stream will  
be available in a couple of hours at mms://streaming-25c3.fem-net.de/saal1(15:15 

Dailydave mailing list
Dailydave () lists immunitysec com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]