If you believe that being able to sometimes compromise some implementations of SSH under some circumstances means that you shouldn't use SSH for anything then maybe you shouldn't use the Internet at all.
Yea I was fairly confused about that announcement as I couldn't find anything damning in the released docs about SSH. Do you have a reference to a specific document/slide?
The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.
Still incredibly vague. If they're archiving all traffic in
hopes of decrypting it some day though, it's safe to say we should treat anything on the internet as the shiny side of one way glass.
Right, I saw that also. Is it referring to routers that happen to run SSH with default root/admin passwords or something? I couldn't find anything more concrete.
That's weird all the CCC videos were returning 404. The link appears to be working again now. It's a few days since I watched but I inferred that SSH may have some undisclosed vulnerabilities.
