
I'm a sad panda
512 bits encryption should be strong enough for hackers, so I am investigating for backdoors
Moderators: fgagnon, nikos, Site Mods
Don't worry - you're likely still doing enough to keep the honest people honest, and the people who are doing crack (:P) don't mind a patch+keygen combination. But of course it can feel as an attack on personal pride. Don't worry too much about that, though - even big people like Microsoft have failed (using bad parameters for their elliptic curvo crypto used for windows cd-keys meant that was first partially and later fully broken... but then it turned out MS did, after all, have a full database of volume license keys, and could block invalid serials from windows update after allnikos wrote:yes, I saw it too, this shouldn't have happened according to theory
I'm a sad panda
Not really - some cracking teams have had distributed setups for years, and today it's very easy to rent a lot of computing power relatively cheap from services like Amazon EC3. And a lot of the guys in the scene aren't kids anymore (even if some behave that way), but people with well-paid jobs who are doing it for the intellectual challenge (and/or childish bragging rights).nikos wrote:512 bits encryption should be strong enough for hackers, so I am investigating for backdoors
My bet is still on the RSA being broken.nikos wrote:my version has been keygenned so i can't say it is working as intended
i am still trying to figure out if the RSA was broken or my webserver
Tuxman, OpenSSL is a stinking pile of crap, but it seems you don't really understand how it's a dungpile.Tuxman wrote:I doubt there's a thing like "secure keygens". After your blog post had been released, OpenSSL was proven to be an insecure pile of wrappers for not working algorithms. Welcome to open source.