Zachary Uram | 14 Apr 11:14 2010
Collin Pruitt | 14 Apr 15:42 2010
Picon

Re: another method to crack RSA

On Wed, Apr 14, 2010 at 5:14 AM, Zachary Uram <netrek-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:


Yeah. RSA sucks.

Ok.

--
Collin Pruitt
Ubuntu Member
http://hellow.ath.cx/

_______________________________________________
netrek-dev mailing list
netrek-dev@...
http://mailman.us.netrek.org/mailman/listinfo/netrek-dev
Andrew K. Bressen | 22 Apr 09:51 2010
Picon

Re: another method to crack RSA


Um, no.

These guys didn't crack RSA (which, by the way, does not suck) at all,
they cracked OpenSSL, by exploiting the specific way it uses RSA, and
to do it they needed physical access to the machine that had the
private key they were trying to steal. This is not particularly
interesting or exciting at a practical level, since it would be much
easier to steal the hard drive with the key on it or beat up the
sysadmin than to rewire the power supply of the server's CPU.
Andrew K. Bressen | 22 Apr 09:56 2010
Picon

netrek 2010 bug report: hints on tac screen


Today installed netrek 2010 on two machines, one vista, one xp.

On both, sometimes upon entering the game, a hint would appear
on the tactical screen. Not in a hint box spanning the tac and
galactic, but entirely on the tac sceen, with no obvious way to
remove it. Redraws of screen objects would erase the hint as a 
word written on sand being erased by waves, so that after flying
around enough, all trace of the hint was gone.
Andrew K. Bressen | 22 Apr 09:59 2010
Picon

Ntrek 2010 bug report: help screen when killed


On XP today, I observed that if a player had the help screen up
when they were killed, it remained up on the team select screen,
would not go away with h being pressed, and only the quit button 
could be used, not a team selection button.

I didn't try to verify this with repitition.
Zachary Uram | 22 Apr 10:32 2010
Picon

Re: another method to crack RSA

On Thu, Apr 22, 2010 at 3:51 AM, Andrew K. Bressen
<akb+lists.netrek-dev@...> wrote:
>
> These guys didn't crack RSA (which, by the way, does not suck) at all,
> they cracked OpenSSL, by exploiting the specific way it uses RSA, and
> to do it they needed physical access to the machine that had the
> private key they were trying to steal. This is not particularly
> interesting or exciting at a practical level, since it would be much
> easier to steal the hard drive with the key on it or beat up the
> sysadmin than to rewire the power supply of the server's CPU.

Yes but RSA has (for some keysizes) already been cracked.

Up to 768-bit keysize has been successfully factored:
http://www.rsa.com/rsalabs/node.asp?id=2092

And who knows how much long 1024-bit keys are safe:
http://arstechnica.com/security/news/2010/01/768-bit-rsa-cracked-1024-bit-safe-for-now.ars

Zach
Bill Balcerski | 23 Apr 00:19 2010
Picon

Re: netrek 2010 bug report: hints on tac screen



On Thu, Apr 22, 2010 at 3:56 AM, Andrew K. Bressen <akb+lists.netrek-dev-1Iq1HSZz99Fhl2p70BpVqQ@public.gmane.org> wrote:

On both, sometimes upon entering the game, a hint would appear
on the tactical screen. Not in a hint box spanning the tac and
galactic, but entirely on the tac sceen, with no obvious way to
remove it. Redraws of screen objects would erase the hint as a
word written on sand being erased by waves, so that after flying
around enough, all trace of the hint was gone.

Known client bug, fix committed to the repository in March 2010. A solution to prevent the bug from happening is to turn hints off client or server side.


As for:

"On XP today, I observed that if a player had the help screen up
when they were killed, it remained up on the team select screen,
would not go away with h being pressed, and only the quit button
could be used, not a team selection button.

I didn't try to verify this with repitition."

Cannot repeat entirely.  Help window cannot be closed at the team outfit screen, this is by design and has always been that way.  However, I am able to freely reposition the help window if it is blocking team select windows, and able to use team select buttons as normal.

Bill

_______________________________________________
netrek-dev mailing list
netrek-dev@...
http://mailman.us.netrek.org/mailman/listinfo/netrek-dev
Andrew K. Bressen | 23 Apr 02:49 2010
Picon

Re: another method to crack RSA


Zachary Uram <netrek@...> writes:
> Yes but RSA has (for some keysizes) already been cracked.

By essentially brute-force methods requiring a lot of hardware.

Everyone knew 768 bits wasn't going to be enough fifteen years ago;
there are no surprises here.

Not that any of this is particularly relevant right now, since
RSA blessing is currently deprecated.
James Cameron | 23 Apr 04:18 2010

Re: another method to crack RSA

On Thu, Apr 22, 2010 at 08:49:36PM -0400, Andrew K. Bressen wrote:
> Not that any of this is particularly relevant right now, since
> RSA blessing is currently deprecated.

Even if it wasn't, the key length we used is no longer particularly
strong.

--

-- 
James Cameron
http://quozl.linux.org.au/

Gmane