Researchers Crack Online Encryption System
An online encryption method widely used to protect banking, email, e-commerce and other sensitive Internet transactions is not as secure as assumed, according to a report issued by a team of U.S and European cryptanalysts.
www.cio.com/article/700215/Researchers_Crack_Online_Encryption_System
I didn’t delve into the details on this because it strikes me much like creating a brouhaha by saying passwords are insecure because someone can look over your shoulder as you type it. If your random number generator for generating random keys isn’t that random (in cryptography circles the most common failure is to seed rand() with time() or clock(), something trivially easy to reproduce (not that using rand() is very random to begin with)) then _clearly_ the keys you generated won’t be random. I guess this might be interesting news to people who don’t know a damn thing about cryptography, but then again ignorant people are, by definition, unknowing of things. It would sort of like be an article detailing how specific stitching patterns on the veins and arteries of heart bypass patients might lead to increased leaks in the hands of unskilled surgeons, in other words, totally pointless to anyone except, just possibly, unskilled heart surgeons.
Besides, ‘perfect’ encryption is a total mirage anyway.
