5 comments

[ 4.2 ms ] story [ 25.7 ms ] thread
Wonder if the timing of this is related to the expected Ukrainian offensive?
If you had a backdoor to feed fake intel to Russia, would you shut it down before a Ukranian offensive or would you feed them some juicy fake intel?
Right... they likely did just that (fed fake intel)... then possibly decided that the risk of FSB coordinating good info during the UKR offensive was greater than the value of keeping their fake intel feed? Maybe sends a signal?

It's all just speculation when dealing with spook world.

https://media.defense.gov/2023/May/09/2003218554/-1/-1/0/JOI... has some interesting technical details.

Good to see the bad guys also make bits-vs-bytes mistakes, with their 128 bit Diffie-Hellman key. But it's puzzling why they'd be using OpenSSL, it's not the easiest software to embed. I guess they don't have to worry about the advertising license clause!

Well, according to that paper, development started in 2003-ish time frame. Not many choices back then for ssl libraries, especially when you're using C as your development language. Thanks for posting the link!