[ PRIVACY Forum ] Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

jim deleskie deleskie at gmail.com
Wed Mar 5 21:58:12 UTC 2014


Doing some serious adjusting of my tinfoil today over his :)

-jim


On Wed, Mar 5, 2014 at 5:03 PM, Jay Ashworth <jra at baylink.com> wrote:

> ----- Original Message -----
> > From: "Leo Bicknell" <bicknell at ufp.org>
>
> > On Mar 4, 2014, at 9:07 PM, Jay Ashworth <jra at baylink.com> wrote:
> >
> > > Is this the *same* bug that just broke in Apple code last week?
> >
> > No, the Apple bug was the existence of an /extra/ "goto fail;".
> >
> > The GnuTLS bug was that it was /missing/ a "goto fail;".
> >
> > I'm figuring the same developer worked on both, and just put the line
> > in the wrong repository. :)
>
> Those who speculate that these bugs happened at the behest of the NSA
> would probably agree with you.
>
> Cheers,
> -- jra
> --
> Jay R. Ashworth                  Baylink
> jra at baylink.com
> Designer                     The Things I Think                       RFC
> 2100
> Ashworth & Associates       http://www.bcp38.info          2000 Land
> Rover DII
> St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647
> 1274
>
>



More information about the NANOG mailing list