Hackersidea

DUHK — Don't Use Hard-coded Keys — is a new 'non-trivial' cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions. DUHK is the third crypto-related vulnerability reported this month after KRACK Wi-Fi attack and ROCA factorization attack. The vulnerability affects products from dozens of vendors, including Fortinet, Cisco, TechGuard, whose devices rely on ANSI X9.31 RNG — an outdated pseudorandom number generation algorithm — 'in conjunction with a hard-coded seed key.' Before getting removed from the list of FIPS-approved pseudorandom number generation algorithms in January 2016, ANSI X9.31 RNG was included into various cryptographic standards over the last three decades. Pseudorandom number generators (PRNGs) don’t generate random numbers at all. Instead, it is a deterministic algorithm that produces a sequence of bits based on initial secret values called a seed and t

Virtual Private Network, or VPN for short, is a secure network connection through which you can safely connect your device to public networks. It is widely used by large corporations, educational institutions and government agencies. It is also used by individuals who care about staying anonymous on the internet for various reasons. In countries where governments are blocking access to certain websites, people use a VPN to get around these walls of censorship. Another reason people use VPN’s is to gain access to web content restricted to certain countries; this is particularly the case with some YouTube channels, like Vevo and similar. In countries where downloading torrents is heavily monitored, like the USA for example, people use VPN to hide their internet activity and IP address from ISPs and from the torrent source. This is similarly the case for streaming, the use of streaming services like Kodi is exploding lately and the movie studios are