Re: tubes clogged

[Thorsten Holz <thorsten.holz () gmail com>]

On 30.12.2008, at 02:18, Fyodor wrote:

> > "...their research required massive computational resources that  
> > had to be
> > utilized within a specific window of time": indicates some form of
> > brute-force cryptokey cracking.
>
> the "specific window of time" bit makes me think of some sort of
> session keys, heh :)
>
> Also, somehow the "abusing the Internet" thing  became synonymical to
> "abusing internet routing protocols" (otherwise why everyone is
> bringing up the BGP issue). Can't there be other things to be abused?
> like authentication certs, PKI infrastructures, authentication
> mechanisms to control domain naming, RIPE or other registrar databases
> ... ?

The rumors I heard during 25C3 are that they broke a Root CA key that  
is included in major browsers. This would enable creating fake  
websites with a valid SSL-key, clearly a major threat...

Unfortunately I already had to leave Berlin, but the live stream will  
be available in a couple of hours at mms://streaming-25c3.fem-net.de/saal1(15:15 
  CET)

Cheers,
   Thorsten
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave