Hacker News new | past | comments | ask | show | jobs | submit login

I'm no crypto guy, but what's all this about different versions of OpenSSL succeeding or failing to validate a signature? That sounds like it should be interesting in its own right...



The bash command line given by Wright had a bug (or an intentional error, e.g. to slow down the verification attempts, or confuse o whatever) (& instead of &&). Kaminsky missed to recognize that.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: