Date: Wed, 20 Jan 2016 11:07:19 -0700 From: Kurt Seifried <kseifried@...hat.com> To: Daniel Kahn Gillmor <dkg@...thhorseman.net> Cc: oss-security <oss-security@...ts.openwall.com> Subject: Re: Prime example of a can of worms On Wed, Jan 20, 2016 at 11:00 AM, Daniel Kahn Gillmor <dkg@...thhorseman.net > wrote: > On Wed 2016-01-20 12:25:42 -0500, Kurt Seifried wrote: > > Sorry yes, although this also applies equally to keys/etc. > > sure, though i hope we're not in a "few keys" scenario, that would > definitely be bad :) > Yes it would be bad: https://blog.shodan.io/duplicate-ssh-keys-everywhere/ There was another analysis with even more worrying numbers but I can't find it. -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 Red Hat Product Security contact: secalert@...hat.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.