From netrek at gmail.com Wed Apr 14 04:14:52 2010 From: netrek at gmail.com (Zachary Uram) Date: Wed, 14 Apr 2010 05:14:52 -0400 Subject: [netrek-dev] another method to crack RSA Message-ID: http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/ Zach <>< http://www.fidei.org ><> From collinp111 at gmail.com Wed Apr 14 08:42:24 2010 From: collinp111 at gmail.com (Collin Pruitt) Date: Wed, 14 Apr 2010 09:42:24 -0400 Subject: [netrek-dev] another method to crack RSA In-Reply-To: References: Message-ID: On Wed, Apr 14, 2010 at 5:14 AM, Zachary Uram wrote: > > http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/ > > Zach > > <>< http://www.fidei.org ><> > > _______________________________________________ > netrek-dev mailing list > netrek-dev at us.netrek.org > http://mailman.us.netrek.org/mailman/listinfo/netrek-dev > Yeah. RSA sucks. Ok. -- Collin Pruitt Ubuntu Member http://hellow.ath.cx/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.us.netrek.org/pipermail/netrek-dev/attachments/20100414/07730a22/attachment.htm From akb+lists.netrek-dev at mirror.to Thu Apr 22 02:51:38 2010 From: akb+lists.netrek-dev at mirror.to (Andrew K. Bressen) Date: Thu, 22 Apr 2010 03:51:38 -0400 Subject: [netrek-dev] another method to crack RSA In-Reply-To: (Collin Pruitt's message of "Wed, 14 Apr 2010 09:42:24 -0400") References: Message-ID: <0qvdbjj56d.fsf@mirror.to> Um, no. These guys didn't crack RSA (which, by the way, does not suck) at all, they cracked OpenSSL, by exploiting the specific way it uses RSA, and to do it they needed physical access to the machine that had the private key they were trying to steal. This is not particularly interesting or exciting at a practical level, since it would be much easier to steal the hard drive with the key on it or beat up the sysadmin than to rewire the power supply of the server's CPU. From akb+lists.netrek-dev at mirror.to Thu Apr 22 02:56:21 2010 From: akb+lists.netrek-dev at mirror.to (Andrew K. Bressen) Date: Thu, 22 Apr 2010 03:56:21 -0400 Subject: [netrek-dev] netrek 2010 bug report: hints on tac screen Message-ID: <0qr5m7j4yi.fsf@mirror.to> Today installed netrek 2010 on two machines, one vista, one xp. On both, sometimes upon entering the game, a hint would appear on the tactical screen. Not in a hint box spanning the tac and galactic, but entirely on the tac sceen, with no obvious way to remove it. Redraws of screen objects would erase the hint as a word written on sand being erased by waves, so that after flying around enough, all trace of the hint was gone. From akb+lists.netrek-dev at mirror.to Thu Apr 22 02:59:07 2010 From: akb+lists.netrek-dev at mirror.to (Andrew K. Bressen) Date: Thu, 22 Apr 2010 03:59:07 -0400 Subject: [netrek-dev] Ntrek 2010 bug report: help screen when killed Message-ID: <0qmxwvj4tw.fsf@mirror.to> On XP today, I observed that if a player had the help screen up when they were killed, it remained up on the team select screen, would not go away with h being pressed, and only the quit button could be used, not a team selection button. I didn't try to verify this with repitition. From netrek at gmail.com Thu Apr 22 03:32:05 2010 From: netrek at gmail.com (Zachary Uram) Date: Thu, 22 Apr 2010 04:32:05 -0400 Subject: [netrek-dev] another method to crack RSA In-Reply-To: <0qvdbjj56d.fsf@mirror.to> References: <0qvdbjj56d.fsf@mirror.to> Message-ID: On Thu, Apr 22, 2010 at 3:51 AM, Andrew K. Bressen wrote: > > These guys didn't crack RSA (which, by the way, does not suck) at all, > they cracked OpenSSL, by exploiting the specific way it uses RSA, and > to do it they needed physical access to the machine that had the > private key they were trying to steal. This is not particularly > interesting or exciting at a practical level, since it would be much > easier to steal the hard drive with the key on it or beat up the > sysadmin than to rewire the power supply of the server's CPU. Yes but RSA has (for some keysizes) already been cracked. Up to 768-bit keysize has been successfully factored: http://www.rsa.com/rsalabs/node.asp?id=2092 And who knows how much long 1024-bit keys are safe: http://arstechnica.com/security/news/2010/01/768-bit-rsa-cracked-1024-bit-safe-for-now.ars Zach From billbalcerski at gmail.com Thu Apr 22 17:19:01 2010 From: billbalcerski at gmail.com (Bill Balcerski) Date: Thu, 22 Apr 2010 18:19:01 -0400 Subject: [netrek-dev] netrek 2010 bug report: hints on tac screen In-Reply-To: <0qr5m7j4yi.fsf@mirror.to> References: <0qr5m7j4yi.fsf@mirror.to> Message-ID: On Thu, Apr 22, 2010 at 3:56 AM, Andrew K. Bressen < akb+lists.netrek-dev at mirror.to > wrote: > > On both, sometimes upon entering the game, a hint would appear > on the tactical screen. Not in a hint box spanning the tac and > galactic, but entirely on the tac sceen, with no obvious way to > remove it. Redraws of screen objects would erase the hint as a > word written on sand being erased by waves, so that after flying > around enough, all trace of the hint was gone. > Known client bug, fix committed to the repository in March 2010. A solution to prevent the bug from happening is to turn hints off client or server side. As for: "On XP today, I observed that if a player had the help screen up when they were killed, it remained up on the team select screen, would not go away with h being pressed, and only the quit button could be used, not a team selection button. I didn't try to verify this with repitition." Cannot repeat entirely. Help window cannot be closed at the team outfit screen, this is by design and has always been that way. However, I am able to freely reposition the help window if it is blocking team select windows, and able to use team select buttons as normal. Bill -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.us.netrek.org/pipermail/netrek-dev/attachments/20100422/3ed9c000/attachment.htm From akb+lists.netrek-dev at mirror.to Thu Apr 22 19:49:36 2010 From: akb+lists.netrek-dev at mirror.to (Andrew K. Bressen) Date: Thu, 22 Apr 2010 20:49:36 -0400 Subject: [netrek-dev] another method to crack RSA In-Reply-To: (Zachary Uram's message of "Thu, 22 Apr 2010 04:32:05 -0400") References: <0qvdbjj56d.fsf@mirror.to> Message-ID: <0q633jhu1r.fsf@mirror.to> Zachary Uram writes: > Yes but RSA has (for some keysizes) already been cracked. By essentially brute-force methods requiring a lot of hardware. Everyone knew 768 bits wasn't going to be enough fifteen years ago; there are no surprises here. Not that any of this is particularly relevant right now, since RSA blessing is currently deprecated. From quozl at us.netrek.org Thu Apr 22 21:18:18 2010 From: quozl at us.netrek.org (James Cameron) Date: Fri, 23 Apr 2010 12:18:18 +1000 Subject: [netrek-dev] another method to crack RSA In-Reply-To: <0q633jhu1r.fsf@mirror.to> References: <0qvdbjj56d.fsf@mirror.to> <0q633jhu1r.fsf@mirror.to> Message-ID: <20100423021818.GH16860@us.netrek.org> On Thu, Apr 22, 2010 at 08:49:36PM -0400, Andrew K. Bressen wrote: > Not that any of this is particularly relevant right now, since > RSA blessing is currently deprecated. Even if it wasn't, the key length we used is no longer particularly strong. -- James Cameron http://quozl.linux.org.au/