Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - Bug in the GnuTLS Library leaves many OSs and Apps at risk->

Submitted by williamyf
williamyf (227051) writes "According to our friends at ArsTechnica:

"The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers."

What's even more, the coding error *may* have been present since 2005, so one has to wander, again, where were those "many eyes that render all bugs shallow" one keeps hearing about..."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Bug in the GnuTLS Library leaves many OSs and Apps at risk

Comments Filter:

You do not have mail.

Working...