Oh, I didn't know we were doing snark on this list? Or is it simply an attempt at dismissing the obvious with ridicule? systemd has been mired in controversy since they began bullying their way into every corner of linux .... unless you've been hiding under a Waikato river rock the controversy hasn't been difficult to miss. It is well documented in many articles, google "systemd controversy" for example but I think enough has been said without escalating the controversy further, systemd should be approached with more than a healthy amount of suspicion ... libgcrypt is a dedicated crypto library that has nothing to do with systemd btw and RSA-1024 is not really used anymore in practice since it's basically obsolete. On Wed, 2017-07-05 at 07:39 +1200, Lawrence D'Oliveiro wrote:
What they found is that the libgcrypt library used what's called “sliding windows”, a method for carrying out the mathematics of cryptography – but one that's known to leak data.
...
What they found was an unpleasant surprise: a complete break of the library's RSA-1024...
<https://www.theregister.co.uk/2017/07/04/gnupg_crypto_library_cracked_look_for_patches/>
Cue the conspiracy theorists lining up to say “Given the controversy surrounding GnuPG and the way they operate, one just has to wonder "bug or backdoor?"” _______________________________________________ wlug mailing list | wlug(a)list.waikato.ac.nz Unsubscribe: https://list.waikato.ac.nz/mailman/listinfo/wlug