NaNin@lemmy.dbzer0.com
on 18 Mar 12:08
nextcollapse
I’m not surprised. RSA is deprecated as a public key method in openssh. There’s no reiable implementation anywhere. Seems like IoT manufacturers consider security as an afterthought. Anyone pushing for anything other than ed25519 just wants to decrease your security footing
wise_pancake@lemmy.ca
on 18 Mar 12:44
nextcollapse
This is why my house is free of IOT devices
Their lack of security is not new.
Cheradenine@sh.itjust.works
on 18 Mar 12:58
collapse
How will you know when your toast is done? Unless you get a notification from an app, there is no way to be certain. Schrödinger’s toast bro.
Laundry finished?
Expired milk in the fridge?
Toothbrush bristles need replacing?
Their is no way to know, might as well live in a cave and bang rocks together.
Fermiverse@gehirneimer.de
on 18 Mar 14:34
collapse
threaded - newest
I’m not surprised. RSA is deprecated as a public key method in openssh. There’s no reiable implementation anywhere. Seems like IoT manufacturers consider security as an afterthought. Anyone pushing for anything other than ed25519 just wants to decrease your security footing
This is why my house is free of IOT devices
Their lack of security is not new.
How will you know when your toast is done? Unless you get a notification from an app, there is no way to be certain. Schrödinger’s toast bro.
Laundry finished?
Expired milk in the fridge?
Toothbrush bristles need replacing?
Their is no way to know, might as well live in a cave and bang rocks together.
No problem the S in IoT stands for security
¯\(ツ)/¯
The referenced paper: keyfactor.com/…/Factoring-RSA-Keys-in-the-IoT-Era…
Kinda misleading headline.
It’s not a flaw in RSA, but the lack of entropy in lightweight devices without many inputs. ECC would have basically the same problem.
Maybe “random number generation flaw” would be more accurate.