Latest News

OpenClaw founder joins OpenAI

Victoria's whole-of-government CISO has left

Researchers find critical vulnerabilities in cloud-based password managers

Bendigo Bank cuts cost, time out of software development efforts

Woolworths splits infosec and physical security again

Debian, Ubuntu flawed for two years

By Stewart Meagher

May 21 2008 2:46PM

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.

Frederick Lee, a researcher at insecurity company Fortify, said that the flaw, which affects Ubuntu as well as Debian, had been "seriously underestimated " as it makes the Secure Sockets Layer (SSL) of the two Linux sustems vulnerable to malicious attack.

"We're calling this vulnerability 'insecure randomness' since it allows an attacker to predict the SSL cryptographic keys used for supposedly secure online transactions," he said.

Lee reckons that the flaw, which tinkers with the randomness engine used to encrypt secure transactions, could be used to intercept traffic between a user and supposedly secure connection between a user and, for example, an online banking site.

Got a news tip for our journalists? Share it with us anonymously here.

theinquirer.net (c) 2010 Incisive Media

Tags:

debian flawed for software two years

Partner Content

ctrl:cyber strengthens sovereign cyber capability with elevenM acquisition

Promoted Content ctrl:cyber strengthens sovereign cyber capability with elevenM acquisition

Identity at the Centre: Why AI Is Accelerating a New Security Imperative

Partner Content Identity at the Centre: Why AI Is Accelerating a New Security Imperative

Overcoming the “last mile” problem in AI adoption with Lucid Software

Promoted Content Overcoming the “last mile” problem in AI adoption with Lucid Software

AI Goals for 2026: What Every Organisation Should Prioritise

Promoted Content AI Goals for 2026: What Every Organisation Should Prioritise

Sponsored Whitepapers

Uncomplicate IT Service Delivery with AI Agents

Uncomplicate IT Service Delivery with AI Agents

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Fintech compliance made fast and secure

Fintech compliance made fast and secure

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

2025 Security operations insights: Three-quarters of security leaders need something new in SIEM

2025 Security operations insights: Three-quarters of security leaders need something new in SIEM

Events

Most Read Articles

Optus traces mobile outage to database software update glitch

Optus traces mobile outage to database software update glitch

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

Concerns over Westpac Unite as tech chiefs depart

Concerns over Westpac Unite as tech chiefs depart

BoM reveals plan to fix website within six months

BoM reveals plan to fix website within six months

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories