The Factor Circumstance →
News, via Dan Goodin, writing at our beloved ArsTechnica, detailing an enormous factorization flaw within Infeneon-based 2048-bit RSA keys tied to a widening number of encryption products worldwide. The implications are equally enormous. H/T
'The researchers who uncovered the Infineon library flaw questioned whether the secrecy required by some of the certification process played a role. They wrote: Our work highlights the dangers of keeping the design secret and the implementation closed-source, even if both are thoroughly analyzed and certified by experts. The lack of public information causes a delay in the discovery of flaws (and hinders the process of checking for them), thereby increasing the number of already deployed and affected devices at the time of detection.' - via Dan Goodin at ArsTechnica