Comment on 512-bit RSA key in home energy system gives control of “virtual power plant”

<- View Parent
GreenEngineering3475@lemmy.world ⁨2⁩ ⁨months⁩ ago

In an email, a GivEnergy representative reinforced Castellucci’s assessment, writing:

In this case, the problematic encryption approach was picked up via a 3rd party library many years ago, when we were a tiny startup company with only 2, fairly junior software developers & limited experience. Their assumption at the time was that because this encryption was available within the library, it was safe to use. This approach was passed through the intervening years and this part of the codebase was not changed significantly since implementation (so hadn't passed through the review of the more experienced team we now have in place).

source
Sort:hotnewtop