Open-Source Security Flaw Exposes Millions

Encryption error went undetected for nearly 2 years
Posted May 22, 2008 6:16 PM CDT
Open-Source Security Flaw Exposes Millions
Hewlett Packard laptop on display at Best Buy in Mountain View, Calif., Monday, May 13, 2008.    (AP Photo/Paul Sakuma)

A programming error discovered last week makes at least four open-source operating systems and 25 applications vulnerable to hacking, and a patch distributed to fix it doesn’t solve the problem. Worse, the vulnerability can extend to computers not even running the deficient code, reports Technology Review. The mistake went unnoticed for almost 2 years.

Programmers accidentally restricted the number of encryption keys the affected computers could use to protect information sent over networks to just 32,767, making it possible for hackers to crack the encryption by trying all possible keys. Furthermore, the keys are portable, meaning they could be installed on computers that weren’t running the vulnerable code in the first place.

Read These Next
Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X
More News: Sp 500 Closes At All Time High.Html | Smith Urges Justices To Reject Trumps... | Japan Loses Spot As Worlds 3rd Larges... | Man Allegedly Killed His Mom At Sea F... | Another Riot Declared In Portland.Html