Latest News

Europol and tech firms take down Tycoon 2FA bypass service

In Pictures: Securing AI agents and NHIs - Saviynt Melbourne roundtable

Hollard Insurance pilots AI in claims division

Health and Aged Care CISO retires

Oracle plans thousands of job cuts

Debian, Ubuntu flawed for two years

By Stewart Meagher

May 21 2008 2:46PM

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Source Linux operating system.

Frederick Lee, a researcher at insecurity company Fortify, said that the flaw, which affects Ubuntu as well as Debian, had been "seriously underestimated " as it makes the Secure Sockets Layer (SSL) of the two Linux sustems vulnerable to malicious attack.

"We're calling this vulnerability 'insecure randomness' since it allows an attacker to predict the SSL cryptographic keys used for supposedly secure online transactions," he said.

Lee reckons that the flaw, which tinkers with the randomness engine used to encrypt secure transactions, could be used to intercept traffic between a user and supposedly secure connection between a user and, for example, an online banking site.

Got a news tip for our journalists? Share it with us anonymously here.

theinquirer.net (c) 2010 Incisive Media

Tags:

debian flawed for software two years

Partner Content

AI Goals for 2026: What Every Organisation Should Prioritise

Promoted Content AI Goals for 2026: What Every Organisation Should Prioritise

From Faster Coding to Accelerated Innovation Cycles: How Intelligent Orchestration Unlocks AI's Promise

Promoted Content From Faster Coding to Accelerated Innovation Cycles: How Intelligent Orchestration Unlocks AI's Promise

Targeting Maximum Competitive Advantage for Businesses

Promoted Content Targeting Maximum Competitive Advantage for Businesses

Cyconsol Unlocks Growth Potential for Cyber Vendors in Australia

Promoted Content Cyconsol Unlocks Growth Potential for Cyber Vendors in Australia

Sponsored Whitepapers

5 reasons to adopt a mobile first security strategy

5 reasons to adopt a mobile first security strategy

Uncomplicate IT Service Delivery with AI Agents

Uncomplicate IT Service Delivery with AI Agents

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Getting ahead of the tech: what’s next for Australian organisations in digital transformation

Fintech compliance made fast and secure

Fintech compliance made fast and secure

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

Events

Most Read Articles

Telstra pushes forward with agentic AI plans

Telstra pushes forward with agentic AI plans

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

Officeworks builds on its Salesforce core

Officeworks builds on its Salesforce core

Endeavour Group to have new ERP in place in 18 months

Endeavour Group to have new ERP in place in 18 months

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories