Lots of TLS-related services affected. Browsers, servers, VPNs, SSH, mail clients, etc.
see https://weakdh.org/
In-depth analysis: https://weakdh.org/imperfect-forward-secrecy.pdf
Instructions for admins: https://weakdh.org/sysadmin.html
LogJam TLS vulnerability
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: LogJam TLS vulnerability
It's hard to blame this one on the NSA directly. All affected servers had already been getting an F on SSLLabs for ages. Fun fact, my university's service that lets you see your grades is affected. (OU's IT people are beyond incompetent. Someone should sue them for endangering student record privacy.)