Debian, Ununtu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Sauce Linux operating system.

Frederick Lee, a researcher at insecurity company Fortify, said that the flaw, which affects Ubuntu as well as Debian, had been "seriously underestimated " as it makes the Secure Sockets Layer (SSL) of the two Linux sustems vulnerable to malicious attack.

"We're calling this vulnerability 'insecure randomness' since it allows an attacker to predict the SSL cryptographic keys used for supposedly secure online transactions," he said.

Lee reckons that the flaw, which tinkers with the randomness engine used to encrypt secure transactions, could be used to intercept traffic between a user and supposedly secure connection between a user and, for example, an online banking site.

Rolling Stone, Billboard owner Penske sues Google over AI overviews

Westpac stands up Copilot Studio for Gen AI agent development

Parent company of Gucci, Balenciaga hit by cyber attack

Domain Group builds 'listing assistant' to help staff find property metrics

AFP nabs alleged smisher targeting mobile phone customers

Debian, Ununtu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Sauce Linux operating system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

VicRoads to phase out passwords in favour of passkeys

Service NSW centralises security, networking in mammoth CloudOps overhaul

Apple adds "mercenary spyware" protection to new A19 chip

Most popular tech stories

Lendi Group unveils agentic AI-powered home loan 'guardian'

State of MarTech

Queensland Rail uses SuccessFactors to "put learning back on the map"

mecwacare sizes its digital transformation

NSW Education turns to Deloitte for HCM program delivery

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry comes together to explore IoT opportunities

Australian firm wins global Cisco AI award for rail safety solution

Govt launches consumer tech label program for smart devices

Sydney and Melbourne rank highly for "citizen experience"

Rolling Stone, Billboard owner Penske sues Google over AI overviews

Westpac stands up Copilot Studio for Gen AI agent development

Parent company of Gucci, Balenciaga hit by cyber attack

Domain Group builds 'listing assistant' to help staff find property metrics

AFP nabs alleged smisher targeting mobile phone customers

Debian, Ununtu flawed for two years

A research posting to the Debian security list last week has led to the confirmation of a serious hole in two flavours of the Open Sauce Linux operating system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

VicRoads to phase out passwords in favour of passkeys

Service NSW centralises security, networking in mammoth CloudOps overhaul

Apple adds "mercenary spyware" protection to new A19 chip

Most popular tech stories

Lendi Group unveils agentic AI-powered home loan 'guardian'

State of MarTech

Queensland Rail uses SuccessFactors to "put learning back on the map"

mecwacare sizes its digital transformation

NSW Education turns to Deloitte for HCM program delivery

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry comes together to explore IoT opportunities

Australian firm wins global Cisco AI award for rail safety solution

Govt launches consumer tech label program for smart devices

Sydney and Melbourne rank highly for "citizen experience"

Log In