{"id":35766,"date":"2022-04-27T20:33:33","date_gmt":"2022-04-28T01:33:33","guid":{"rendered":"http:\/\/huewhite.com\/umb\/?p=35766"},"modified":"2022-04-27T20:33:33","modified_gmt":"2022-04-28T01:33:33","slug":"pining-after-anachronisms","status":"publish","type":"post","link":"https:\/\/huewhite.com\/umb\/2022\/04\/27\/pining-after-anachronisms\/","title":{"rendered":"Pining After Anachronisms"},"content":{"rendered":"<p><em><strong>The Register<\/strong><\/em> <a href=\"https:\/\/www.theregister.com\/2022\/04\/20\/java_authentication_bug\/\" target=\"_blank\" rel=\"noopener\">reports<\/a> on the <em>Crypto Bug of the Year<\/em>:<\/p>\n<blockquote><p>Java versions 15 to 18 contain a flaw in its [Elliptic Curve Digital Signature Algorithm] signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.<\/p>\n<p>Cyber-criminals could therefore pass off cryptographically signed malicious downloads and bogus information as if it were real, and affected Java applications and services won&#8217;t know the difference.<\/p>\n<p>The scope of the damage that could be done is wide: encrypted communications, authentication tokens, code updates, and more, built on Oracle&#8217;s flawed code could be subverted, and as far as vulnerable Java-written programs are concerned, the data looks legitimate and trustworthy.<\/p><\/blockquote>\n<p>Ah! For the days of CP\/M and 58K TPA (Transient Program Area). Yeah, that&#8217;s right &#8211; &#8216;K&#8217; &#8211; meaning 1000. When programming wasn&#8217;t for the sloppy.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Register reports on the Crypto Bug of the Year: Java versions 15 to 18 contain a flaw in its [Elliptic Curve Digital Signature Algorithm] signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations. Cyber-criminals could therefore pass \u2026 <a class=\"continue-reading-link\" href=\"https:\/\/huewhite.com\/umb\/2022\/04\/27\/pining-after-anachronisms\/\"> Continue reading <span class=\"meta-nav\">&rarr; <\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-35766","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/35766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/comments?post=35766"}],"version-history":[{"count":1,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/35766\/revisions"}],"predecessor-version":[{"id":35767,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/35766\/revisions\/35767"}],"wp:attachment":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/media?parent=35766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/categories?post=35766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/tags?post=35766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}