A View from Erica Naone
Security Flaw Found in Linux
Bug compromises cryptographic keys created over the past year and a half.
A bug found in Debian Linux, from which the popular Linux version Ubuntu is derived, puts at risk a number of cryptographic keys generated on Debian systems between September 2006 and May 13, 2008, according to security researcher H.D. Moore. The keys placed at risk include the type typically used to protect e-commerce transactions. The bug resulted from the deletion of a section of code that was responsible for providing the random numbers that are the foundation of the keys. As a consequence, keys generated could be vulnerable to attackers.