Okay, so Debian shipped broken OpenSSL for about two years. The advisory is short on details (after dealing with crypto literature for a while, you learn to think of “weak RNG” as “well, someone who had perfectly observed twenty billion random numbers I’ve generated could maybe have a fifty-one percent ability to guess the next bit”, which has about zero implications for real-world security), but Ben Laurie explains the full story. Apparently, the Debian package maintainer noticed that OpenSSL used uninitialized memory to supply entropy to the RNG, but “fixed” it by disabling the function that adds ANY entropy to the pool. This, and the fact that the ssh-vulnkey utility shipped with the OpenSSH upgrade checks for vulnerable keys by comparing keys to an apparently exhaustive list of some 200000 keys, make it look rather scary. If I understand this correctly, it looks exploitable enough to turn into a nasty real-world problem for some time to come.
On the upside, I really like the engineering of the Debian fix – the new packages refuse to run with compromised keys (and automatically generate safe ones on installation), and upgraded servers refuse logins from unsafe client keys. This eliminates the worst of all the horrors, where outdated authorized_keys entries for the unsafe keys would litter the Internets for decades to come, providing rogue access for any idiot with a copy of the master key list…
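As an added illustration (my own sketch, not Debian's ssh-vulnkey and not OpenSSH code), here is the check the two paragraphs above describe: parse authorized_keys entries, fingerprint each key, and flag entries whose fingerprint sits in a blacklist of known-weak keys, which is the test that lets an upgraded server refuse such keys rather than leave stale entries lying around. It assumes a blacklist keyed by OpenSSH-style SHA256 fingerprints (Debian's actual blacklist files use a different format), and the "keys" and the blacklist in it are constructed toy values, not real compromised keys.

```python
import base64
import hashlib
import struct

# Key types this simplified parser accepts (enough for the sample below).
KEY_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def ssh_string(b: bytes) -> bytes:
    """Encode an SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b


def ssh_mpint(n: int) -> bytes:
    """Encode a non-negative SSH mpint (RFC 4251): minimal big-endian bytes, sign bit clear."""
    if n == 0:
        return ssh_string(b"")
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def rsa_blob(e: int, n: int) -> bytes:
    """Raw ssh-rsa public key blob: string "ssh-rsa", mpint e, mpint n."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def pubkey_line(blob: bytes, comment: str) -> str:
    """Render a key blob as one authorized_keys line."""
    key_type = blob[4:4 + struct.unpack(">I", blob[:4])[0]].decode()
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


def parse_pubkey_line(line: str):
    """Return (key_type, blob, comment) for one authorized_keys line, or None if it does not parse.
    Leading options (e.g. 'no-pty,...') are skipped; quoted options containing spaces are not handled."""
    fields = line.split()
    if len(fields) >= 3 and fields[0] not in KEY_TYPES and fields[1] in KEY_TYPES:
        fields = fields[1:]  # drop the options field
    if len(fields) < 2 or fields[0] not in KEY_TYPES:
        return None
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    if len(blob) < 4:
        return None
    tlen = struct.unpack(">I", blob[:4])[0]
    if blob[4:4 + tlen] != fields[0].encode():
        return None  # the type embedded in the blob must match the declared type
    return fields[0], blob, " ".join(fields[2:])


def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH-style 'SHA256:<base64 without padding>' fingerprint of a key blob."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy 'MD5:aa:bb:...' fingerprint, as older ssh-keygen -l printed it."""
    h = hashlib.md5(blob).hexdigest()
    return "MD5:" + ":".join(h[i:i + 2] for i in range(0, 32, 2))


def audit_authorized_keys(text: str, blacklist: set) -> list:
    """Scan authorized_keys content. Returns (line_no, verdict, fingerprint, comment) per key line;
    verdict is 'COMPROMISED' (fingerprint in blacklist), 'ok', or 'unparseable'."""
    results = []
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        parsed = parse_pubkey_line(line)
        if parsed is None:
            results.append((no, "unparseable", None, line.strip()[:40]))
            continue
        key_type, blob, comment = parsed
        fp = fingerprint_sha256(blob)
        results.append((no, "COMPROMISED" if fp in blacklist else "ok", fp, comment))
    return results


# Constructed toy keys: the moduli are arbitrary hex constants, not real RSA keys.
KEY_A = rsa_blob(65537, 0xB7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF)
KEY_B = rsa_blob(65537, 0x243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89)

# Constructed blacklist. A real one is built by enumerating every key the broken RNG
# could produce; this one simply lists KEY_A's fingerprint so the sample has a hit.
BLACKLIST = {fingerprint_sha256(KEY_A)}

# Constructed sample file: one blacklisted key, one clean key with options, one garbage line.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample, not a real authorized_keys file",
    pubkey_line(KEY_A, "alice@example.test"),
    "no-pty,no-port-forwarding " + pubkey_line(KEY_B, "backup@example.test"),
    "ssh-rsa this*is*not*base64 broken@example.test",
])

if __name__ == "__main__":
    for no, verdict, fp, comment in audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS, BLACKLIST):
        print(f"line {no}: {verdict:12} {fp or '-'} {comment}")
```

The same lookup works in both directions the post mentions: run over a server's authorized_keys files it finds the stale entries that need purging, and run over a client's own public key before it is offered it is the "refuse to run with compromised keys" check. Note that the decision is purely a fingerprint-set membership test, so its completeness depends entirely on the blacklist covering every key the crippled RNG could have produced.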
Update: Ah, the exploit is here.