oss-sec mailing list archives

Re: Prime example of a can of worms


From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 20 Jan 2016 11:07:19 -0700

On Wed, Jan 20, 2016 at 11:00 AM, Daniel Kahn Gillmor <dkg () fifthhorseman net> wrote:

> On Wed 2016-01-20 12:25:42 -0500, Kurt Seifried wrote:
> > Sorry yes, although this also applies equally to keys/etc.
>
> sure, though i hope we're not in a "few keys" scenario, that would
> definitely be bad :)


Yes it would be bad:

https://blog.shodan.io/duplicate-ssh-keys-everywhere/

There was another analysis with even more worrying numbers but I can't find
it.


--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert () redhat com
