The cr.yp.to microblog: 2017.11.06 22:30:47

2017.11.06 22:30:47 (927649487551696896) from Daniel J. Bernstein, replying to "Halvar Flake (@halvarflake)" (927425606442201088):

Main problem is Infineon deploying something insecure. Presumably exploited for years. Infineon also delayed public awareness for 9 months.

Context

2017.11.06 07:40:36 (927425465857531904) from "Halvar Flake (@halvarflake)":

In an unsurprising development, more evidence that vuln embargoes (or worse, partial disclosure) are not great: https://blog.cr.yp.to/20171105-infineon.html

2017.11.06 07:41:09 (927425606442201088) from "Halvar Flake (@halvarflake)", replying to "Halvar Flake (@halvarflake)" (927425465857531904):

(@hyperelliptic and @hashbreaker reproducing ROCA from limited disclosure in short time)