from the vhat-here-in-ze-laboratory dept.
alphadogg writes "Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux."
Have you ever noticed that the people who are always trying to tell you
`there's a time for work and a time for play' never find the time for play?