Debian, Ubuntu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.

Frederick Lee, a researcher at insecurity company Fortify, said that the flaw, which affects Ubuntu as well as Debian, had been "seriously underestimated " as it makes the Secure Sockets Layer (SSL) of the two Linux sustems vulnerable to malicious attack.

"We're calling this vulnerability 'insecure randomness' since it allows an attacker to predict the SSL cryptographic keys used for supposedly secure online transactions," he said.

Lee reckons that the flaw, which tinkers with the randomness engine used to encrypt secure transactions, could be used to intercept traffic between a user and supposedly secure connection between a user and, for example, an online banking site.

REA Group brings conversational AI search realestate.com.au

Starlink plots phone, more internet services

Telstra says cost trade-offs will follow if spectrum license obligations stick

Bunnings facial recognition privacy breach ruling partially reversed

CBA sets up dedicated AI risk committee for governance

Debian, Ubuntu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

DTA cuts government's biggest tech buyers out of vendor talks

Bureau of Meteorology's VMware bill more than doubles

Services Australia to document 40 years of business rules in core ISIS system

Woolworths to fill digital gap on its board

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

Nissan's A/NZ finance arm embarks on $35m digital transformation

CBA sets up dedicated AI risk committee for governance

Blacktown City Council trials AI for development applications

NSW gov to make AI risk assessments less "subjective"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

Govt launches consumer tech label program for smart devices

REA Group brings conversational AI search realestate.com.au

Starlink plots phone, more internet services

Telstra says cost trade-offs will follow if spectrum license obligations stick

Bunnings facial recognition privacy breach ruling partially reversed

CBA sets up dedicated AI risk committee for governance

Debian, Ubuntu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

DTA cuts government's biggest tech buyers out of vendor talks

Bureau of Meteorology's VMware bill more than doubles

Services Australia to document 40 years of business rules in core ISIS system

Woolworths to fill digital gap on its board

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

Nissan's A/NZ finance arm embarks on $35m digital transformation

CBA sets up dedicated AI risk committee for governance

Blacktown City Council trials AI for development applications

NSW gov to make AI risk assessments less "subjective"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

Govt launches consumer tech label program for smart devices

Log In