2 comments

  • DoNotMindMe 4 hours ago
    I have no experience with high-level math or encryption, so saying this idea is even half-baked would be an overstatement. For a few years I have wondered whether the fact that the Windows kernel defaults to UTF-16 encoding, and the fact that the majority of text would be half 00 (e.g. capital A = 00 41), would allow for some similar attack vectors?
  • spydum 20 hours ago
    Kind of reminds me of https://lists.debian.org/debian-security-announce/2008/msg00152.html

    Interesting that they could not figure out pattern 1. Wonder if there is any additional metadata to point at a vendor or provider.
    • hannob 8 hours ago
      My best guess would be some kind of NetApp product, as we saw some self-signed certs on hosts that identified as NetApp. But NetApp didn't answer, and we got either no or no useful feedback from any of the certificate owners. So we ended up being unable to figure that out.

      I'll probably share a list in some way soon and will try to ask the wider cryptographic and TLS community if anyone can figure it out.
      • nickf 5 hours ago
        Hanno - we may have communicated before some years ago, but I am more than happy to offer any help I can (if some of our customers are/were affected, I'm happy to reach out and see if they can give you more answers as to which products). nick (at) sectigo (dot) com