TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

100% Positive

Analyzed from 162 words in the discussion.

Trending Topics

#figure#netapp#half#years#fact#kind#debian#more#happy#experience

Discussion (4 Comments)Read Original on HackerNews

DoNotMindMe•about 4 hours ago
I have no experience with high level math or encryption so saying this idea is even half-baked would be an overstatement. For a few years I have wondered if the fact that Windows kernel defaults to UTF16 encoding and if the fact that majority of text would be half 00 (e.g. capital A = 00 41) would allow for some similar attack vectors?
spydum•about 21 hours ago
Kind of reminds me of https://lists.debian.org/debian-security-announce/2008/msg00...

Interesting they could not figure out pattern 1? Wonder if there is any additional metadata to point at a vendor or provider..

hannob•about 8 hours ago
My best guess would be some kind of netapp product, as we saw some self-signed certs on hosts that identified as netapp. But netapp didn't answer, and we got either no or no useful feedback from any of the certificate owners. So we ended up being unable to figure that out.

I'll probably share a list in some way soon and will try to ask the wider cryptographic and TLS community if anyone can figure it out.

nickf•about 6 hours ago
Hanno - we may have communicated before some years ago, but am more than happy to offer any help I can (if some of our customers are/were affected, happy to reach out and see if they can give you more answers as to which products). nick (at) sectigo (dot) com