Flaw Made Public In OpenSSH Encryption
alimo20 writes "Researchers at the Royal Holloway, University of London have discovered a flaw in Version 4.7 of OpenSSH on Debian/GNU Linux. According to ISG lead professor Kenny Patterson, an attacker has a 2^{-18} (that is, one in 262,144) chance of success. Patterson says that this is more significant than past discoveries because 'This is a design flaw in OpenSSH. The other vulnerabilities have been more about coding errors.' The vulnerability is possible by a man-in-the-middle intercepting blocks of encrypted material as it passes. The attacker then re-transmits the data back to the server and counts the number of bytes before the server throws error messages and disconnects the attacker. Using this information, the attacker can work backwards to figure out the first 4 bytes of data before encryption. 'The attack relies on flaws in the RFC (Request for Comments) internet standards that define SSH, said Patterson. ... Patterson said that he did not believe this flaw had been exploited in the wild, and that to deduce a message of appreciable length could take days.'"
The replies are all dripping with attitude and arrogance. The most arrogant replies are centered in the first-person point of view response. As a community, a more appropriate response would be how can we push out this information to the larger Linux business community, who does not spend their idle time on /., to get the patch rolling.
I don't even use Linux; however, I will wager that had this been Windows and I replied, "meh, I'm patched, next", that I would be flamed up and down worse than Erik Estrada in Tora, Tora, Tora.