[cryptography] The lesser-known public key in embedded devices
m.lukaszuk at gmail.com
Mon Oct 8 04:18:07 EDT 2012
On Mon, Oct 8, 2012 at 12:32 AM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> I was recently sitting downstream of a Deutsche Telekom Speedport router and
> noticed that it used a certificate signed by a commercial CA (issued to the
> wrong name and expired, but that's another story). The fact that it's a
> commercial CA cert indicates that there's only one of them for all Speedport
> devices, which in turn indicates that they all share the same private key.
> Has anyone looked into this further? I lost access to the Speedport shortly
> after I noticed this.
Have you seen this
More information about the cryptography