Is compromised apparently

Luke Sullivan

https://zerobin.net/?06dae5d45335d2b4#m8FRD5qfMgH1rxjVH4oAjHvOMxJArCGp9UIogpmsnHg=

OpenSSL is compromised apparently. I dunno, I'm from /pol/ and we'd like your take on this issue. >>/pol/8723416
This seems like a national security emergency. Could be nothing though.

Brayden Miller

Will this help crash social media with no survivors?

Charles Ortiz

May we enter into an age of anonymity and waifus

Tyler Anderson

It looks like you need the password and password salt in order to get the encryption keys.
I'm confused, why doesn't this stop at "you have the password, you can unencrypt the file"?

Oliver Myers

This will mean transparent internet.

They want to push PC to the point that people can't breathe.
Do not fear. Keep shitposting.

Adam Sullivan

I think the point is that it reduces the entropy of the algorithm, limiting the search space. A clever cracker could maybe brute force stuff now, but I'm not sure.

Will the ZOG get us before we get to them? Hold me fam

Lucas Adams

>Will the ZOG get us before we get to them? Hold me fam
... this site uses "Cloudflare".
"CloudFlare's very business model is based on the ability to intercept and read traffic."

Samuel Sanders

This is good. Now that the flaw is exposed to the public, it will get fixed soon.

Nathan Garcia

https://github.com/openssl/openssl/blob/3b72dcd5fb4d2c756a830dba1fc34f4a7ae61b73/crypto/rand/md_rand.c

Source for random number generator that post on zerobin refers to.

Kevin Rivera

Or... will be exploited immediately..

Owen Peterson

The thing about randomness is true and a lot of people in cryptography know it.

That's why hardware for the purpose of generating entropy exists (especially in the military; they collect sounds and wavelengths to generate entropy (and more), it's impressive).
For more powerful randomness there's
https://www.fsf.org/blogs/gnu-press/neug-trng
and there is also this, but I doubt the "open-sourceness":
https://www.crowdsupply.com/cryptech/open-hardware-security-module

Cameron Sanchez

Anyway it needs to be fixed.

Chase Martinez

Does this mean that Tor pedos are going to jail?

Leo Nguyen

Does this affect encryption algorithms?

James Carter

Holy shit did any of you read the paste? It's fucking nothing. Try not to get baited by a faggot on a conspiracy website next time.

Evan Martin

That would have happened even before it was made public. The public disclosure of bugs in open source is nothing but a good thing because it means that developers can work on a fix.

Matthew Lewis

You forgot to say that all files that were encrypted before the fix will still remain vulnerable though.

Hudson Young

Then go through the process of getting it secure! Security is a continually ongoing process, it's not a property configuration that you can flip somewhere.

Owen Phillips

what files are we talking about here?

Henry Adams

The use of the MD5 sum reduces the security by 50%. If you have the SALT you have the rest.

The security of the MD5 hash function is severely compromised. A collision attack exists that can find collisions within seconds on a computer with a 2.6 GHz Pentium 4 processor.

It's been known that using the MD5 sum was bad since 2008 or something. How to get the SALT would be interesting. You could try to brute-force it, but maybe there is a leak that gives a clue to what the SALT is?

Vulnerabilities are published all the time. Unless you have a critical need you wouldn't pay any attention. I just think crypto is fun. If you have sensitive data you might consider encrypting it first with a different encryption method? Watch the Khan Academy lectures on crypto to get a basic understanding of decryption too. Any pre-defined algorithm for encryption makes decryption easier. The only solution most people have is to increase the key size. If you use a one-time pad it cannot be broken. Crypto is not having a crisis, although you may be. ;)

Luke Davis

https://youtu.be/fwcl17Q0bpk?t=162

old but good

Xavier Gonzalez

Doesn't know about Strange Attractors.

Adam Morris

newfag from /pol/eddit can't crossboard link right
wew

Ryan Parker

Proof of concept or fuck off.

Liam Cox

got a vector of that? I want to make one as large as 8ch allows

Hudson Gonzalez

It's all in the fucking paste. Try it yourself if you don't believe it.

Cameron Jackson

Newfag here. What are the potential consequences of this?

Hunter Perry

Anything encrypted with OpenSSL should be considered compromised, but since the whole Heartbleed fiasco you should've assumed that anyway.

Dylan Sullivan

/pol/res/8723416.html#8723416

Ryan Cook

>Anything encrypted with OpenSSL should be considered compromised
Correction: anything encrypted by a retard smashing crypto primitives together at random and thinking it's secure just because AES was involved should be considered compromised.

Benjamin Hall

2016
fixed since 1000000 years
news
drama queen

James Hughes

This is why Rust is superior.

Hudson Adams

>encrypted by a retard smashing crypto primitives together at random and thinking it's secure just because AES was involved
So 90% of software making use of crypto, right?
Isn't this also limited to cases where OpenSSL is used with a password to encrypt files? I don't know many cases where this is used seriously; most people would use FDE or TrueCrypt or something. This shouldn't affect TLS?

Levi Baker

This is all gay though. To get the "seed" password in this proof of concept, you have to have the initial key. You know, the string that is actually used to encrypt the document.

Landon Cooper

I believe the intention was to prove that OpenSSL was using MD5 as a key derivation function in an insecure way that limits the keyspace when using a password. This should make it easier to brute-force files encrypted with OpenSSL, but I don't think it is the catastrophe it is blowing up to be right now?

Aaron Sullivan

Possibly, but it's nothing even close to being critical.

Nolan Adams

What does this mean, if anything, for people using a VPN, Tor or offshore email account?

Thomas Martin

Inkscape has a tool to produce vectors from images. I'll try to see if I can make it work.

Gavin Long

I made a vector, no color because I have no idea how to make SVGs so you can add that in your PNG if you want.

Link expires in 1 month.
https://a.cocaine.ninja/xpofuz.svg

Ayden Thomas

"If you use a one-time pad it cannot be broken..."
if you have a reliable source of randomness.
if that source of randomness (or, what processes it) is not itself compromised. a favourite attack vector for alphabets.
if your distribution of otp values is not compromised.
if your use and disposal of otp values is not compromised (by memory attacks or botnet cpu perhaps?)
nature finds a way!

Lucas Smith

Javascript is required for ZeroBin to work.
Sorry for the inconvenience.

Go fuck yourself

Landon Russell

https://a.cocaine.ninja/xjfpuu.svg
Take it, I just edited it in a text editor (because I don't know how to use fucking graphic editors and it's simpler).

Connor Walker

>zerobin
>OpenSSL is compromised
>I'm from /pol/

Xavier Cook

>you can do x if you know pass and salt
Wow, /pol/, every time I think you can't get any more fucking retarded, you go and do shit like this and prove me wrong.

Charles Reyes

11 hours ago
471 replies
/pol/ is a funny guy sometimes

Dylan Lopez

O M G
WHO WOULD HAVE THOUGHT THAT WITH THE PASSWORD AND THE SALT YOU CAN DERIVE THE KEY
Yes, it should use a stronger key derivation algorithm by default, but this is OpenSSL. The defaults are probably more than a decade old, and only get changed if there is actually an attack on that set of parameters.
And concerning the RNG and memory allocator, it's widely known that they're shit. That's one of the reasons LibreSSL was created.
This is from 2014: https://www.openbsd.org/papers/bsdcan14-libressl/mgp00017.html

Jordan Rogers

DON'T NEED EITHER, I IMPLEMENT

Oliver Hill

FYI: https://github.com/openssl/openssl/issues/2195

Christian Roberts

In other words, the content in the paste is mostly bullshit and bait.

Thomas Wood

UNTRUE, I HAVE WORKING IMPLEMENT, I MADE OPTIMIZATION, AM HACKING BANK OF ENGLAND NOW BECAUSE THEY COLONIZE THOUGH BUT I HAVE ALL THE MONEY WE WILL SEND YOU OUR POO NOW WE COLONIZE YOU!

Evan King

Schizophrenia and autism are a hell of a cocktail.

Matthew Williams

>neug-trng
It seems pretty good and I was using it to feed /dev/random, but yesterday I discovered it was hanging my PC on shutdown. Although I don't restart my PC very often, is there a way to feed it to /dev/random without having that issue?

Wyatt Myers

OP here. The main point was to clarify /pol/ suspicions.
Seems like a potential threat, but might not be as bad as first thought.

Nolan Martin

Woops. Was on a phone. Should have posted the archive link. See the /pol/ thread.

Ethan Brooks

We're non tech geeks beginning to learn shit. Be gentle senpai.
We're slowly getting there.

Jeremiah Watson

Complacency is for cucks. We're only paranoid because we're learning and do not fully understand the tech holes etc.

One day we might have a larger more tech literate force.

Ryder Young

>/pol/
>reading shit
Get out

Ethan Evans

/pol/ is always seeing things that aren't there. A bug in OpenSSL? OMG THE NSA BRIBED THE OPENSSL TEAM

Nicholas Richardson

Did you read the leaks?
You need to realise you're in hell son. We don't even know how far criminals would go now. I used to think that shit was for windmill crusaders.
Turns out - they were no mere windmills all along. People are living falsely complacent today.

Levi Barnes

Why is /pol/ so fucking stupid?

Justin Jenkins

Why are Holla Forums masochists?

Josiah Sanders

Because it is filled full of retards who attack their own because they've been easily co-opted by the SJW mods. Just look at how they've been attacking TRS for the past couple weeks.

Camden Brooks

implying you aren't conditioning Holla Forums from /pol/ by dodging the truth on TRS
I bet you like jews too.

Aaron Murphy

>TRS doesn't name the jew
You've never listened to any of their podcasts, have you?

Case in point, tech, just look at this tard.

Leo Clark

I don't live complacently. I know that the government is willing to intrude on freedoms for their own benefit and for a more intrusive state. The government is no longer accountable to the people. What I don't do is jump to conclusions. I separate the hard facts and my opinions that are derived from those fact. I avoid jumping to conclusions until either the hard evidence proves only one conclusion or the evidence points to a conclusion that is beyond reasonable doubt.

This is the reason why I don't use Microsoft Windows or any form of proprietary software, I don't have a cell phone and why I am extremely selective about what technology I allow in my life. Richard Stallman taught me about freedom and that freedom is a good thing to fight for.

Matthew James

>Have you?
No, I haven't, because I don't bother browsing there. Got links?
There is jumping to conclusions, and there is cognitive dissonance preventing the evidence from fulfilling a threshold of acceptance of a fact.

This is why tech geeks suck at politics and national security. It has to be black and white. Frankly, there are concerns which need preemptive action and you are frightened of considering that because the fact has to be 100% and absolute.

You need to realise that a chain of circumstances is usually all you need to prove a case, because direct evidence is unreasonable.

That said, I barely looked at the TRS thread. Seemed rather bullshit. (So I partially agree there.)

Leo Rivera

Their podcast is literally called The Daily Shoah. You're really retarded enough to think they don't name the jew?

Isaac Morales

(Cont.) But the fact TRS are nothing but namefags suggests they are nothing but attention whores that do it for the attention between their peers.

I loathe that. You're not doing it for digging out the truth, you do it for attention.

Isaiah King

They are brave to use names then. I will have to look over it. Seems like the mods did shifty things though, and SJWs seem to love planting seductive parasites (breaking mods through sex) on these forums.

I know that from personal experience tbh.

Matthew Price

The mods hate anything which could cause people to leave /pol/. I was bedchan back in the "hotwheels fix your shit", "codemonkey fix your shit" threads, and they kept on deleting my posts on /pol/ and banning me.

Liam Davis

Did you use the meta thread?

Nolan Ross

No one goes to polmeta.

Caleb Richardson

Not even mods?
That's probably the reason for the ban. You never gave the mods a chance to "correct the record" kek. We do need to ask some questions, but faggots will drown out the right questions.

Also, could I get those images in your previous pic?

Thomas Hall

>Not even mods?
Have you ever been to polmeta? Have you ever once seen the mods there?

>You never gave the mods a chance to "correct the record"
In the first ban they said to keep it on Holla Forums, as hotwheels giving away user data to Vice, and jim in general wanting to be a greedy kike and wanting to ban Tor, was not /pol/ related.

Noah Gonzalez

>hotwheels giving away user data to Vice, and jim in general wanting to be a greedy kike and wanting to ban Tor
Single fact to back that up, etc.

Wyatt Ramirez

>Single fact to back that up, etc.
How new are you? http://archive.org/lorenzolog.txt

Evan Hughes

I don't understand. You already need the password to do this. Why is this a vulnerability?

Jose Powell

Some redditcuck emailed OpenSSL about this.

tl;dr it's mostly fucking nothing

https://www.reddit.com/r/linux/comments/5myb3m/i_got_a_reply_from_openssl_regarding_the_rumours/
https://archive.fo/y9aVs

David Long

A log of meaningless data that only contains shit Bui spammed.
Yawn, got anything worth actually sperging over? If not, nothing you're claiming is fun and you're boring.

Aaron Allen

>only contains shit Bui spammed
>only
Are you as illiterate as a nigger?

>You can also be assured that most of the requests that are in this log, but not all, were the result of one spammer using proxies.
>but not all

Blake Powell

Haha, didn't know there was a BG fill param.

Inkscape was trying to tell me I needed to make a new shape behind the smiley and fill it in but I didn't think that was a good idea. TY

Jaxon Long

https://www.reddit.com/user/comrade-jim

Our guy?

Nolan Myers

He's either from here or cuckchan, I see him triggering the faggots on /r/linux every time I go there to look for news. I get shadowb& every time I make a new account to shitpost on that cancerous shithole.

Eli Martin

That's not what they're doing. What they're doing is showing OpenSSL is just passing your data through an MD5 hash.

Is OpenSSL of equivalent security to--or is it not--an MD5 hash? Why is that question not answered on plebbit?

Matthew Ross

>Inkscape
>not Adobe Illustrator

Plebe.

Robert Young

>Is OpenSSL of equivalent security to--or is it not--an MD5 hash? Why is that question not answered on plebbit?
Is Dell of equivalent security to--or is it not--a hard drive?
Is our children learning???

David Fisher

>Is OpenSSL of equivalent security to--or is it not--an MD5 hash? Why is that question not answered on plebbit?

Even more to the point, has anyone really been far even as decided to use even go want to do look more like?

English, motherfucker. Do you speak it?

Daniel Lee

You have no right to talk about security if you ever rely on proprietary software.

Zachary Brown

Both of you are not answering the question. This makes me rather suspicious, because this is a typical sliding technique.

Josiah Anderson

https://en.wikipedia.org/wiki/Apposition

Carter Brown

Why should we answer such a nonsense question? It's impossible to make sense when you're starting with nonsense.

Blake Anderson

This may or may not affect TLS at all. This does not affect Firefox--Mozilla does not use OpenSSL. The only claimed weakness is a bad RNG, which may or may not also expose a TLS server's private key. Exposing private keys was how Heartbleed caused problems.

The salt is included with the ciphertext. The only actual claimed weakness is an allegation that the salt is not random at all, but is somehow derived from the passphrase. If true, then the initialization vector may also be affected. Both of these are supposed to be "random numbers" and are stored with the ciphertext. Neither the salt nor the IV is secret, only the passphrase is secret. Obviously, it's very bad if secrets can be derived from non-secrets.

The claimed weakness relates specifically to the OpenSSL enc(1) command, which is believed to have been used to encrypt the Wikileaks insurance files. It may or may not also affect programs that use OpenSSL for TLS.

Christian Peterson

It doesn't affect anything. It's a troll post, with buzzwords throughout. Using md5 in this context does not matter. You got trolled.

Hunter Reed

I'm less quick to dismiss it in its entirety--but you are correct that it's mostly bogus. The only valid concern that it raises is the claim that the salt is generated in part from the passphrase.

OpenSSL has done similarly bad things in the past, notably using the user's RSA private key as an entropy source. Given the Debian RNG screw-up, which was caused by OpenSSL relying on an "uninitialized" block of memory to contain random bytes and Debian fixing the apparent bug, I won't quickly dismiss claims of further RNG shenanigans in OpenSSL. They've been caught doing stupid shit with their RNG before.

If the passphrase is being used as an entropy source for the RNG, then CBC mode introduces another potential side channel--the initialization vector, which is also a non-secret "random" number. Unlike the salt, which is only 64 bits, the IV is as long as one cipher block, which is 256 bits for AES. 256+64 = 320 bits of possible side channel if the RNG uses the passphrase as an entropy source. Depending on exactly how the OpenSSL RNG works (please tell me it isn't Dual EC DRBG) this might give an attacker clues about the passphrase.

There's smoke here, but we don't know if there are any flames yet.

Jason Hill

PBKDF1
MD5

it's nothing
