openssl and NSA backdoor
Mike Wright
mike.wright at mailinator.com
Sat Dec 21 20:05:33 UTC 2013
Hi all,
After Edward Snowden spilled the beans on the NSA I've become extremely
paranoid about system security. If not the NSA, who else?
I've been trying to find out if the versions of openssl shipped by
fedora use the "Dual Elliptical Curve" encryption method that RSA so
politely (for a tidy $um) made default at the request of the US's NSA.
That is the encryption method with the NSA's very own backdoor.
If so, has it been corrected? Is openssl even safe to use anymore?
What about previous versions of fedora?
And what about our certificates? Are they more or less useless now?
Where do we go from here?
If anybody is up on security I think we'd all like to know what is going
on here esp. re fedora.
Thanks *very* much for any help on this,
Mike Wright
ps. for spit and giggles maybe everybody ought to take all their
non-private email and CC them to the NSA. That will give them something
else to do with their time besides wiping their butts on the constitution.
More information about the users
mailing list