all your crypto are belong to us (private key from public key only)

[chan] general
Oct 17 03:05

I don't know why this is hidden in the news. https://threatpost.com/factorization-flaw-in-tpm-chips-makes-attacks-on-rsa-private-keys-feasible/128474/ https://www.engadget.com/2017/10/16/encryption-companies-rely-on-has-serious-flaw/ 76$ on amazone buys your private key from your public one, 1024 key lenght. 2048keys take a bit longer. Imaging sigining git repo for ... I don't know bitmessage or, some other code you run. What would they pay to infect everyones PC. How many code signatures are hacked? Does this impact GPG? Yubi? Is this fake? A crippling flaw in a widely used code library has fatally undermined the security of millions of encryption keys used in some of the highest-stakes settings, including national identity cards, software- and application-signing, and trusted platform modules protecting government and corporate computers. The weakness allows attackers to calculate the private portion of any vulnerable key using nothing more than the corresponding public portion. Hackers can then use the private key to impersonate key owners, decrypt sensitive data, sneak malicious code into digitally signed software, and bypass protections that prevent accessing or tampering with stolen PCs. The five-year-old flaw is also troubling because it's located in code that complies with two internationally recognized security certification standards that are binding on many governments, contractors, and companies around the world. The code library was developed by German chipmaker Infineon and has been generating weak keys since 2012 at the latest. The flaw is the one Estonia's government obliquely referred to last month when it warned that 750,000 digital IDs issued since 2014 were vulnerable to attack. Estonian officials said they were closing the ID card public key database to prevent abuse. On Monday, officials posted this update. Last week, Microsoft, Google, and Infineon all warned how the weakness can impair the protections built into TPM products that ironically enough are designed to give an additional measure of security to high-targeted individuals and organizations.

[chan] general
Oct 17 03:13

how ... conveeeeeeenient

[chan] general
Oct 17 03:21

It only effects keys generated from these specific hardware devices (TPMs by Infineon). So GPG is safe. And most open source repos are probably signed using software generated keys. The smart cards have a problem because they've got the TPM inside, I guess.

BM-2cX62WCeFcUwzXWqxTBfaAzNy4j1y8yZVm
Oct 17 07:41

> Does this impact GPG? Yubi? The description says it affects private keys generated by some hardware devices using Infineon chips. It doesn't affect X86 CPUs, so software GPG seems safe. I used the testing tool to test my PGP public key that's on my Yubikey as well as the code signing DER certificate that's on a different smart card, and it said both are safe (they probably don't use an Infineon chip). > Is this fake? Probably not. Peter Surda Bitmessage core developer

BM-NBiKPeWczBokYDoYzk4TRb3KCDTZbTQ2
Oct 22 00:02

It depends on the firmware version of the Yubikey. If you generate your RSA key on your local system, you are safe. https://www.yubico.com/keycheck/

BM-NBooR8MZhawaba2hW6nwPHvNiQKrTVCB
Oct 22 11:56

Had one yubikey with vulnerable firmware, it was very easy to get a replacement key, though, through the yubico website. Not using the onboard RSA generation, though.

[chan] general
Oct 28 20:30

I got my replacement from Yubi

[chan3] general
Oct 28 20:38

Infineon is part of Siemens AG. Siemens AG is part of German intelligence services. The same Siemens AG from "swiss" Crypto AG scandal. All was needed is to read carefully about Infineon's management structure. Then it will be obvious they are BND/NSA puppet. Start thinking, people. It doesn't hurt.

[chan] general
BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r

Subject Last Count
Emily Nov 20 13:14 1
Tor replacement Nov 20 05:39 3
Landmark Worldwide Cult | rely maks ya think... Nov 20 04:47 1
Landmark Worldwide Cult Nov 20 04:38 1
Hollywood is turning black women into trannies Nov 19 21:57 5
Peter Šurda Nov 19 21:37 12
US Government resources for Zombie Preparedness Nov 19 19:46 1
bitconnect.co Nov 19 19:12 7
#elsagate cracked Nov 19 17:02 1
Remember Nov 19 16:31 5
SOON Nov 19 15:45 1
The NSA Nov 19 14:16 1
Decoding Twitter Account: https://twitter.com/GyKE69 Nov 19 13:58 5
https://www.youtube.com/watch?v=ufJjf9fYKxc Nov 19 12:57 1
vbcvbnbm,nv Nov 19 12:37 1
I AM HERE Nov 18 22:44 1
This is how they done it Nov 18 21:52 1
Leonard Nimoy Nov 18 11:08 5
North Korean defector had 'enormous amount' of parasitic worms in body Nov 18 09:29 1
Programming/hacking services provider Nov 18 08:23 2
Tranny Genocide Nov 18 03:17 1
teting codeword Nov 17 18:36 2
GENDER 101 COURSE SYLLABUS Nov 17 18:15 4
GENERAL FAILURE READING DRIVE A Nov 17 18:01 2
Flat Earth Society – Introductory Post Nov 17 17:59 4
Dear Guest: Nov 17 16:44 1
Rush Discography (1974 - 2012) mp3 320 kbps Nov 17 08:01 1
WTF is LBGTQ? Nov 17 04:01 12
Poland Pushes Back Against Putin's Special War Nov 16 20:07 2
HackThisSite.org Nov 16 13:14 3
teen girl white cotton panties Nov 16 12:56 1
Poland Must Be Alert Once Again to Protect Its Independence Nov 16 12:31 4
flat earth Nov 16 09:24 1
The Blue whale Game Nov 16 09:12 2
Tor Browser 7.0.10 is released Nov 16 08:21 1
BitMessage onionscan report Nov 15 23:36 18
Test Nov 15 23:14 7
eff63805060d0e8bada3fd9140bfd6c6 Nov 15 21:06 6
hello Nov 15 18:00 2
What should we do? Nov 15 17:30 1
Naked girl Nov 15 14:52 4
FourDigitPassword Nov 15 11:57 3
Leaks Nov 15 11:07 2
i2pd error Nov 15 05:53 3
«indisputable evidence» of U.S. Aid to ISIS Nov 15 05:53 1
All is A Will For Power Nothing More Nov 15 05:53 2
VPN, privacy & Firefox (+ other Gecko browsers)* rev. 0.3.13 Nov 13 10:38 1
VPN, privacy & Firefox (+ other Gecko browsers)* rev. 0.3.12 Nov 13 09:13 1
Your privacy - VPN & Firefox (+ other Gecko browsers)* rev. 0.3.11 Nov 12 19:29 1
weekend Nov 12 15:32 1
OTP PRACTICE ON WINDOWS Nov 12 14:52 7
Small Survival Ebooks Collection Nov 12 07:55 1
February 1997 Nov 12 07:02 3
03e3b4c5b30bbb7644f3f722900aca3a Nov 12 01:23 1
OPERATION RIGHT TO KNOW IS BACK! Nov 11 17:52 1
TOM DELONGE’S SERIOUS ATTEMPT AT UFO/ET DISCLOSURE Nov 11 17:47 1
Ddos/hack Nov 11 15:55 1
donate? Nov 11 04:53 4
Need help hacking a mobile game Nov 11 03:02 3
WARNING! OVER 300 TOR NODES COMPROMISED AFTER JOINT NSA-DGSE ACTION! Nov 10 21:27 8
Hello! :) Nov 10 21:27 2
Tor sucks. I2P sucks. Nov 10 19:21 1
WIKILEAKS - disinformation outlet Nov 10 19:12 1
https://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/ Nov 10 15:42 11
I need help hacking this website Nov 10 06:14 1
Unit CryptUnit Nov 9 18:45 1
FATAL SECURITY ERROR Nov 9 18:36 1
Apple's Operating Systems Are Malware Nov 9 18:33 1
So you want to have "secure" software without having secure hardware first? Nov 9 18:29 3
https://www.whonix.org/wiki/Computer_Security_Education#Windows_Hosts Nov 9 17:35 1
[DELETED] Nov 9 11:57 2
Hacking programming services needed Nov 9 08:15 2
bitconnect coin (bcc) Nov 8 21:19 6
Dutch secret service tries to recruit Tor-admin Nov 8 21:18 2
facebook-upload-your-nudes-to-stop-revenge-porn Nov 8 18:50 2
Something is wrong on the internet Nov 8 13:52 4
RECOMMENDATION #0002 Nov 8 12:27 2
RECOMMENDATION #0001 Nov 8 12:05 1
ARCHWAY QUEUE BARGAIN Nov 8 07:58 2
Russian disinformation bullshit analysed in real time Nov 7 20:15 1
Friends of Dorothy Nov 7 14:20 3
Private chan or Public? Nov 7 14:14 5
[DELETED] Nov 7 12:06 1
lucky boy Nov 7 10:47 2
List of .onion websites Nov 7 09:05 5
The UFO 'subject' is total bullshit Nov 6 22:12 37
Stop anti-white racial slurs. Nov 6 15:55 3
I stopped eating canned tuna because of Fukushima Nov 6 13:27 2
hi Nov 6 10:16 7
MUH NUTZ Nov 6 06:28 11
BATHOS BACKSAW ODE STUBBORN CRAZE FRISKET Nov 6 04:10 2
SLMSL Nov 6 04:08 1
AXVEI Nov 6 04:07 1
OPALINE MU PIT ADAMANT DEMENTIA RAVING Nov 6 04:01 2
what is the encoding of the attached message? Nov 6 04:00 7
Many man smoke... Nov 5 23:23 1
How to examine bitmessage objects Nov 5 21:32 3
threaded view Nov 5 19:59 1
4F091AC09CACEA6B95B4C0986FF63F36 Nov 5 19:28 1
BREXIT IS BULLSHIT Nov 5 18:56 3