Marco Ivaldi
@raptor.infosec.exchange.ap.brid.gy
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
[bridged from https://infosec.exchange/@raptor on the fediverse by https://fed.brid.gy/ ]
[bridged from https://infosec.exchange/@raptor on the fediverse by https://fed.brid.gy/ ]
Reposted by Marco Ivaldi
The vuln is so old it is not even easy to find the reference!
OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this"
10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]
OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this"
10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]
Original post on mastodon.social
mastodon.social
October 23, 2025 at 11:45 AM
The vuln is so old it is not even easy to find the reference!
OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this"
10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]
OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this"
10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]