Language Selection

English French German Italian Portuguese Spanish

Be Afraid if Someone's Got a Voltmeter Hooked to Your CPU

Filed under

Boy, do I hate it when a FLOSS project is given a hard time unfairly. I was this morning greeted with news from many places that OpenSSL, one of the most common FLOSS software libraries used for cryptography, was somehow severely vulnerable.

I had a hunch what was going on. I quickly downloaded a copy of the academic paper that was cited as the sole source for the story and read it. As I feared, OpenSSL was getting some bad press unfairly.

The first thing you have to note about such papers is that informed readers generally ignore the parts that a newbie is most likely focus on: the Abstract, Introduction and Conclusion sections. Unfortunately, these promotional parts of the paper are the sections that focus on the negative implications for OpenSSL. In the rest of the paper, OpenSSL is merely the software component of the experiment equipment.

The experiment described in the paper is very difficult to reproduce. You have to cause very subtle faults in computation at specific times. As I understand it, they had to assemble a specialized hardware copy of a SPARC-based GNU/Linux environment to accomplish the experiment.

rest here

re: OpenSSL

Good but way toooooo long of an article.

To sum up...

"Likelihood of being cracked" is NOT the same as "can be cracked".

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Mesa 11.1 RC2 Brings Dozens Of Fixes

It's coming a few days late, but Mesa 11.1 Release Candidate 2 was officially released today. Mesa 11.1 when released later in December will have many new features but doesn't bump the overall OpenGL version support. Now being past the Mesa Git branching, Mesa 11.1-RC2 is just about bug/regression fixing. Read more

uNav GPS Navigation App for Ubuntu Phones Receives a Major Update

Today, November 30, Marcos Costales has just announced a new update for its awesome uNav GPS navigation app for Ubuntu Phone devices, a release that introduces some interesting new features. Read more

Watch: Ubuntu 16.04 LTS with Unity 8 Gets a New and Beautiful Official Theme

The next Ubuntu desktop with Unity 8 cannot launch with the same theme as the old Unity 7, although that seemed like the case, until now at least. The team has finally changed the theme for Ubuntu 16.04 LTS with Unity 8, and it looks really, really good. Read more