If this is true it is quite scary.
Never heard of lsh before. Does having lsh as the first solution suggest to anyone besides me that this is an attempt to beef up one project's marketshare at the expense of another?
If it's real, it'll make slashdot. If ssh has the exploit but lsh doesn't, then ssh will be fixed. If it's unfixable, both are broken, and a new protocol will be invented. If it's an aspect common to all security protocols, we're hosed and there's no such thing as encryption anymore.
No biggie.
Re:Hmm
IlyaM on 2003-09-16T14:11:27
Judging from recent posts in freebsd-security mailing lists it seems it is real. I'm too lazy to find relevant links in freebsd mailing list archives but belive me you will be seeing it on Slashdot very soon.Re:Hmm
jdavidb on 2003-09-16T16:01:57
There it goes. Must be real.
Re:Hmm
jordan on 2003-09-16T21:05:37
It appears that there's a fix for it already.Re:Hmm
Buck on 2003-09-16T21:45:01
Ditto
