The Phuctoring
There's a total of 203 RSA moduli that have been factored to date. Among the more notable sounding keys :
Nancy Laubenthal <nancy.laubenthal@gsfc.nasa.gov> ; Alexander O. Yuriev <DataLink BBS SysOp>; Sandip Bhattacharya <sandipb@member.fsf.org>; Vincent Thenhart <vincent.thenhart@piraten-rlp.de>; Robert L. Vaessen (MobileMei key generated with gpg) <rvaessen@me.com>; debian.sur5r.net Archive Automatic Signing Key (sur5r) <debian@sur5r.net>; Piraten | Martin Letzel <piratenpartei@letzel.org>; Apple Product Security <product-security@apple.com>; Andreas Heimann <Andreas.Heimann@piratenpartei-hessen.de>; Andreas Winkelbauer <andreas.winkelbauer@ieee.org>; PGP Corporation Update Signing Key; <update-key@pgp.com>; Michael Starck <michael.starck@piratenpartei-hessen.de>; Stephan Urbach <stephan.urbach@german-bash.org>; Herr Urbach <stephan.urbach@piratenpartei-hessen.de>; Carsten Lenz <carsten.lenz@piraten-ulm.de>; H. Peter Anvin <hpa@infradead.org>; H. Peter Anvin (hpa) <hpa@zytor.com>; H. Peter Anvin <h.peter.anvin@intel.com>; Eric Henry <eric_henry@intuit.com>; Eric Henry <ehenry@ehenryonline.com>; Eric Henry <eric.henry@helixstorm.com>; Eric Henry <eric.henry@ingeniumresults.com>; Richard Monk <rmonk@redhat.com>; PGP Global Directory Verification Key;
along with various university and personal accounts. The list is, obviously, not exhaustive.
This find exposes significant vulnerabilities in the OpSec practices of each and every organisation or institution mentioned. The Pirate Party, German users, something calling itself "The PGP Corporation", the FSF and Apple particularly badly hit.
Phuctor will continue as a free, open and public service in the indefinite future. Feel free to verify your future keys against the ever-growing database. Special thanks to Mr. D. J. Bernstein for refinements to the algorithm that allowed us to reduce the required workload considerably.ii
———- Pointing to futher vulnerabilities in the MobileMe Apple scam. [↩]
- Phuctor now checks a database of almost two million keys in less than twenty minutes. [↩]
Saturday, 30 April 2016
205 lol
Saturday, 30 April 2016
Well yeah I expect it'll keep growing :)