Date: Mon, 18 Jan 1999 07:18:59 -0800 (PST) From: Christopher Nielsen <enkhyl@scient.com> To: freebsd-security@FreeBSD.ORG Subject: Port of 'bugs' in ports tree Message-ID: <Pine.BSF.4.05.9901180658280.93748-100000@ender.sf.scient.com>
next in thread | raw e-mail | index | archive | help
Poking around in the ports tree this morning, I noticed a port under ports/security called bugs. It caught my attention because pkg/DESCR says it's a crypto library. Having never heard of it, I decided to take a look at it. After perusing the code and reading through the description of the algorithm, I feel very strongly that a warning of some kind should be placed on this piece of software. This is NOT secure in any sense of the word (except possibly against little sisters/brothers). I can think of at least one cryptanalysis attack off the top of my head (poor source of random data), and that's after spending 10 minutes looking at the code and reading the algorithm. Comments? -- Christopher Nielsen Scient: The eBusiness Systems Innovator <http://www.scient.com>; cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9901180658280.93748-100000>