this post was submitted on 10 Apr 2026
68 points (97.2% liked)

Privacy

5501 readers
330 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 1 year ago
MODERATORS
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
68
Yikes, Encryption’s Y2K Moment is Coming Years Early (www.eff.org)
submitted 1 day ago by schnurrito@discuss.tchncs.de to c/privacy@lemmy.dbzer0.com
26 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] bearboiblake@pawb.social 2 points 8 hours ago* (last edited 7 hours ago) (2 children)

I think you're missing the point. Dual_EC_DRBG is a random number generator, standardized by National Institute of Standards and Technology. It was a NIST standard, widely used by many others beyond the RSA corporation itself, and is likely still in use. We know for a fact that the RSA corporation was compromised by the NSA, but this goes beyond them. More importantly, what else has the NSA compromised that don't we know about? This is just one story.

You can save your replies, I'm not going to discuss this further.

Edit: Jesus, dude, you are seriously invested in defending NSA backdoors, huh? Keep screaming into the void. I'm changing nothing, keep yapping if you want to.

[–] Redjard@reddthat.com 1 points 8 hours ago* (last edited 8 hours ago)

NSA has long since broken RSA

This is clearly referring to the algorithm. You don't "break" a company.

There is also little reason to bring up the RSA company at all, it is for all intents completely irrelevant.

Please just edit your root message to talk about the EC (Dual_EC_DRBG) that is not really in use anywhere but at least real and something security people know of.

If you say the nsa has broken rsa, you are making a lot of sysadmins sweat for no reason.

[–] Redjard@reddthat.com 0 points 8 hours ago

Speaking of which

and intentionally put vulnerabilities into Ec25519

25519 is the fixed one. It is also not backdoored. Please fix that aswell. It is only Dual_EC_DRBG that is affected, not RSA nor ECDSA/ED25519