NGI Zero open source funding on Nostr: badkeys is an open source tool to check cryptographic keys for known vulnerabilities. ...

badkeys is an open source tool to check cryptographic keys for known vulnerabilities. Its developer nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqh2nnq0edgte475lv7s7mvtyqlntyhamldx27mq8mnjs7lrv2cz6svf8fsu (nprofile…8fsu) gave a talk at German OWASP Day where he discussed how old bugs never die. He tested for the Debian OpenSSL bug discovered in 2008 & found hundreds of DKIM setups still vulnerable. Vulnerable hosts included prominent names like Cisco, Oracle, Skype, and Github. But he sees even older vulns including one which is over 300 years old.
Watch the talk here: https://media.ccc.de/v/god2024-56276-the-debian-openssl-bug-and
#NGI #NGI0