Date: Mon, 18 Jan 1999 07:18:59 -0800 (PST) From: Christopher Nielsen <enkhyl@scient.com> To: freebsd-security@FreeBSD.ORG Subject: Port of 'bugs' in ports tree Message-ID: <Pine.BSF.4.05.9901180658280.93748-100000@ender.sf.scient.com>
index | next in thread | raw e-mail
Poking around in the ports tree this morning, I noticed a port under ports/security called bugs. It caught my attention because pkg/DESCR says it's a crypto library. Having never heard of it, I decided to take a look at it. After perusing the code and reading through the description of the algorithm, I feel very strongly that a warning of some kind should be placed on this piece of software. This is NOT secure in any sense of the word (except possibly against little sisters/brothers). I can think of at least one cryptanalysis attack off the top of my head (poor source of random data), and that's after spending 10 minutes looking at the code and reading the algorithm. Comments? -- Christopher Nielsen Scient: The eBusiness Systems Innovator <http://www.scient.com>; cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9901180658280.93748-100000>