"The backdoor allows anyone with knowledge of a secret user agent string to log in and modify settings on any router running the vulnerable software,"... "The values for the points P1 and P2 could have been chosen randomly or they could have been chosen with a deliberate relationship. If they were chosen deliberately, there is a backdoor."
Is there any way to tell if they were chosen deliberately or not, and if not is this a possibility for any of these programs out there?
This is the most ridiculous things I have ever heard and the fact that people buy into it is what is wrong with America.
Chip and pin cards, are you kidding me? I hate to give in to the hype of an overused buzzword, but we do find ourselves coming into an age where big data has massively amplified the stakes of security as companies are pooling all of their assets into one giant "data lake" so that it can be analyzed. Yes, I agree that it is great that they now can "glean valuable insights from the connections between xyz..." by aggregating all of the information into one giant store of structured or unstructured data to be analyze, rinse, repeat and analyze again, but then guess what - one hole in your security means the whole house of cards comes tumbling down and all of your data "assets" and people's "private" information is now exposed.
Chip and pin cards are a joke to placate the public - this is a good blog on what companies are putting in place right now that are actually a step in the right direction at least. http://sqrrl.com/big-data-secu...
The thing that is interesting: the one with the most all encompassing security architecture was created at the NSA.... So do we not trust that approach because the database was created by evil government spies and will abuse our information somehow, or trust them because maybe they actually know how to keep information secure.
All I know is that it's interesting that at least they built their "big data" analyzation tools as a secondary priority to security, and as the blog shows the other databases are now implementing different security measures to their information warehouses which is at least a step in the right direction....My two cents.
To all of the big companies like this that think "that won't happen to us".... That first step off your high horse is going to be a bitch honey. Tuck and roll.
Slashdot Mirror
"The basics on backdoors in security systems" on How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer. I thought the "pool ball" analogy was very interesting....
"The backdoor allows anyone with knowledge of a secret user agent string to log in and modify settings on any router running the vulnerable software,"... "The values for the points P1 and P2 could have been chosen randomly or they could have been chosen with a deliberate relationship. If they were chosen deliberately, there is a backdoor."
Is there any way to tell if they were chosen deliberately or not, and if not is this a possibility for any of these programs out there?
This is the most ridiculous things I have ever heard and the fact that people buy into it is what is wrong with America. Chip and pin cards, are you kidding me? I hate to give in to the hype of an overused buzzword, but we do find ourselves coming into an age where big data has massively amplified the stakes of security as companies are pooling all of their assets into one giant "data lake" so that it can be analyzed. Yes, I agree that it is great that they now can "glean valuable insights from the connections between xyz..." by aggregating all of the information into one giant store of structured or unstructured data to be analyze, rinse, repeat and analyze again, but then guess what - one hole in your security means the whole house of cards comes tumbling down and all of your data "assets" and people's "private" information is now exposed. Chip and pin cards are a joke to placate the public - this is a good blog on what companies are putting in place right now that are actually a step in the right direction at least. http://sqrrl.com/big-data-secu... The thing that is interesting: the one with the most all encompassing security architecture was created at the NSA.... So do we not trust that approach because the database was created by evil government spies and will abuse our information somehow, or trust them because maybe they actually know how to keep information secure. All I know is that it's interesting that at least they built their "big data" analyzation tools as a secondary priority to security, and as the blog shows the other databases are now implementing different security measures to their information warehouses which is at least a step in the right direction....My two cents. To all of the big companies like this that think "that won't happen to us".... That first step off your high horse is going to be a bitch honey. Tuck and roll.