[URGENT] tinc has a security hole of about 50 million km^2
Guus Sliepen
guus at sliepen.warande.net
Mon Aug 28 16:13:38 CEST 2000
On Sun, 27 Aug 2000, Ivo Timmermans wrote:
> Sending your passphrase encrypted is all fine, but tinc sends the key
> with which it was encrypted about a second later...
Ehr? How evil! Why didn't we see that earlier? [Pointy accusing fingers
into several directions!] Hmm - we had to redefine it anyway. But why does
it send the SAME key out? Why not just a different key? That's how it
normally works - works as well for symmetric as for assymetric keys,
-------------------------------------------
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.warande.net>
-------------------------------------------
See also: http://tinc.nl.linux.org/
http://www.kernelbench.org/
-------------------------------------------
---
TINC development list, tinc-devel at nl.linux.org
Archive: http://mail.nl.linux.org/tinc-devel/
More information about the Tinc-devel
mailing list