Hacker Newsnew | past | comments | ask | show | jobs | submit | more muterad_murilax's commentslogin

I like my coffee like I like my women...


Hey, thanks for ruining the movie for me!


Somehow, I doubt it. :)


Anyone knows if this is applicable to Covid passes used in the European Union as well?


From this [0] list it seems there are a bunch of RSA root certificates, but they all use RSA 2048 or 4096, both of which are still secure (with 4096 having diminishing returns compared to RSA 2048 [1]).

The article was about RSA 512 which has been known to be weak and crackable for a long time [2].

[0]: https://github.com/eu-digital-green-certificates/dgc-partici...

[1]: https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa40...

[2]: https://it.slashdot.org/story/99/08/29/0213230/512-bit-rsa-k...


EU is in discussions right now to expire COVID passes unless you have had recent vaccines i.e. booster shots. Which means any security mechanism that is defeated will just be fixed every 9 months.

Seems like a lot of hassle for a vaccine that is safe and will save your life.


source....?


France announced it two days ago, starting in mid January the health pass will only be valid if less than 7 months have passed since your second dose, if it's more than that you need a booster. I don't know how they'll implement this technically.


The private keys for the European Green Pass have been leaked and fake passes signed with the keys are being sold on the dark web.

https://threatpost.com/eus-green-pass-vaccination-id-private...


>UPDATE: French & Polish authorities found no sign of cryptographic compromise in the leak of the private key used to sign the vaccine passports and to create fake passes for Mickey Mouse and Adolf Hitler, et al.

Afaik it was a leaked login, not a leak of the keys.


Shouldn't they have a record of all the things they signed?

I would expect them to know where and when that Adolf pass was generated


The keys were not leaked but the web interfaces that allowed generation of these certificates was left open and accessible.

Passes have been sold (through the clear web and the dark web) but many have also been revoked since. As far as I know, the certificates being sold right now are either someone else's certificate (for places that don't check your ID when you walk in) and certificates generated by people working for places that also give out legitimate certificates, such as some pharmacies and hospitals.


The private keys were NOT leaked.

There have been fraudulently obtained passes sold on the dark web. There have also been numerous arrests throughout the whole of Europe for this.

The vast majority of the dark-web suppliers are scammers - many of the adverts include a mix of QRs people have posted to social media and a large number of example QR. Including examples that I have generated in the past and used in presentations / on github.


Why not just charge the unvaccinated with attempted manslaughter or reckless endangerment and put them all in jail? /s


Ah yes, repeat the evil dark web narrative. As if a VPS in Russia would get you into trouble. Criminals will be criminals, also if tor etc. wouldn't exist and non-criminals wouldn't get to be anonymous, too.


They haven't been revoked yet?


Some have, but not all... yet.


Also: Can the mouse pointer be "hidden" (moved) under the notch?


Perhaps Ubuntu Mate with Mutiny?


Is that still maintained ? It was an experiment in 16.04 right?


Uhm, so? Please come back when you have successfully ported it to the original Sony PlayStation or the Sega Saturn.


Could you please stop posting unsubstantive comments to Hacker News? We're trying for a different type of discussion here.

https://news.ycombinator.com/newsguidelines.html


The game has been ported it to the original PlayStation: https://reddit.com/r/PlaystationClassic/comments/pesjua/i_po...


There's a Dreamcast port apparently.


Huh? What is the point of porting it to those consoles? Or was this just a troll?


> Castlevania, Contra, MGS.

Those are Konami IPs, though.


Thnx, murilax. I always get Konami and Capcom IPs mixed up ;)

Interestingly, looking at Japanese gaming majors by rev: Bandai (¥600B), Square (¥300B), Konami (¥280B), Sega (¥250B), Capcom (¥95B), I think it roughly tracks with value of IP warchests. Capcom, if it can get Disney to sign off on a Marvel v Capcom re-boot, may have an ace in the hole.

https://www.capcom.co.jp/ir/english/finance/million.html


> Hell is other people

Well, maybe not other people in general, but certainly colleagus at work...


I feel like you missed the point of the post :)


So?


The original HN-rewritten title ”What would happen if I lost 1% of my electrons?” was way better imho.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: