[12:10] <notlikethesoup> morning
[12:45] <_stink_> hi
[12:56] <cmaloney> morning
[13:21] <rick_h> morning and such
[13:22] <_stink_> courtesy of SneakyPhil who comes here now and again
[13:22] <_stink_> https://twitter.com/kennwhite/status/919522184384729089
[13:22] <_stink_> http://twitter.com/dangoodin001/status/919798487776034817
[13:31] <jrwren> Good morning.
[13:31] <jrwren> https://crocs.fi.muni.cz/public/papers/rsa_ccs17  was just reading that
[13:35] <jrwren> kinda stinks they don't specify which hardware chips and in which popular hardware they are used for that RSA one.
[13:35] <_stink_> that URL must be getting hammered
[13:50] <rick_h> yea, going to be fun
[13:51] <rick_h> I'm debating on if it's a good thing or not that I moved to google wifi for my network. I'd hope they'd be on top of updating things as it's a very push-update friendly setup
[13:51] <rick_h> though guessing updating these thinkpads with older intel hardware...ugh
[13:56] <jrwren> great read: https://uss-la-ca135.org/60/1960Judkins-Knott.html
[14:05] <rick_h> jrwren: crazy
[14:41] <_stink_> jrwren: thanks for sharing!
[14:47] <mrgoodcat> jrwren: yea it sucks that they didn't specify hardware but from what I understand it is actually not an implemenation issue but an issue with the spec itself
[14:47] <mrgoodcat> so most/all correct implementations should be vulnerable
[14:48] <jrwren> mrgoodcat: i was refering to the RSA case. You are citing the WPA2 case :)
[14:48] <jrwren> mrgoodcat: the RSA case is specific to hardware.
[14:48] <jrwren> i'm pretty sure, but not 100% that all my RSA gen keys are OK since they were openssl software generators, not some TPM hardware junk.
[14:49] <mrgoodcat> oh wow
[14:50] <mrgoodcat> i didn't look closely enough
[14:56] <cmaloney> Whee
[15:01] <mrgoodcat> 2 major vulns in 1 day
[15:01] <mrgoodcat> wew
[15:04] <rick_h> party
[17:46] <Scary_Guy> https://www.krackattacks.com for more on the WPA2 thing