Linux Crypto Packages Demolished

Posted by simoniker on Monday September 22, 2003 @10:19AM from the security-is-all-relative dept.

SiliconEntity writes "Cryptographer and security expert Peter Gutmann has demolished several Linux security software packages in a recent posting to the cryptography mailing list. He says, 'It's possible to create insecure 'security' products just as readily with open-source as with closed-source software. CIPE and vtun must be the OSS community's answer to Microsoft's PPTP implementation. What's even worse is that some of the flaws were pointed out nearly two years ago, but despite the hype about open-source products being quicker with security fixes, some of the protocols still haven't been fixed.'"

2 of 404 comments (clear)

Min score:

Reason:

Sort:

Well put by indole · 2003-09-22 10:42 · Score: 1, Redundant

One particular quote:

Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve elightenment...

pretty much sums up the rest of the post.

--
(2,3-Benzopyrrole)
Re:Use the trustworthy stuff by NeverReminder · 2003-09-22 10:47 · Score: 0, Redundant

Yes, because in Soviet Russia, Cyrillic cracking you