I reported an insecure DKIM key to Deutsche Telekom / T-Systems.
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys Telekom. Die machen das.
-
@kkarhan @momo @badkeys @BNetzA @EUCommission Had the same issue just recently. I wonder how this can even be legal.
I wanted to ask a lawyer about this, but never came around doing so.
@Bebef @momo @badkeys Neither did I.
And the next-best qualified lawyer I'd know in that part is @wbs_legal.
- Sadly there's no legal precedent to establish the same "duty to deliver" as with #PostalOperators which ain't allowed to do anything unless explicitly instructed by the reciever or served a warrant by a judge.
- And obviously regulators like @BNetzA & @EUCommission likely ain't even aware of this issue since #ConsumerProtection doesn't apply to #SmallBusinesses!
- Sadly there's no legal precedent to establish the same "duty to deliver" as with #PostalOperators which ain't allowed to do anything unless explicitly instructed by the reciever or served a warrant by a judge.
-
@kkarhan @momo @badkeys @BNetzA @EUCommission Had the same issue just recently. I wonder how this can even be legal.
I wanted to ask a lawyer about this, but never came around doing so.
@Bebef
It's probably not, some countries have really tough laws that they apply to email delivery and privacy that makes even spam filtering a legally dicey propositionBut let me put it like this, who wants to sue a company that has a legal budget bigger than the whole government budget of some of the poorer EU MS?
And in the end as long as the users won't start moving their fat posteriors away from the big tech monopolies, ...
@kkarhan @momo @badkeys @BNetzA @EUCommission -
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys This is the mastodon method of converting a private key into a public key. Scnr.
-
R relay@relay.an.exchange shared this topic
-
@Bebef
It's probably not, some countries have really tough laws that they apply to email delivery and privacy that makes even spam filtering a legally dicey propositionBut let me put it like this, who wants to sue a company that has a legal budget bigger than the whole government budget of some of the poorer EU MS?
And in the end as long as the users won't start moving their fat posteriors away from the big tech monopolies, ...
@kkarhan @momo @badkeys @BNetzA @EUCommission@yacc143 @Bebef @momo @badkeys @BNetzA @EUCommission Depends...
In #Germany, Corporations have to archive ALL #eMails in an automated, manipulation-proof manner with indexability (incl. attachments) for #Auditability purposes.
- That's why you get stuff like benno MailArchiv.
That being said the #cowardice of #regulators is appauling and if they ain't gonna do their job, they should vacate their positions and let others do it instead.
- I'd happily do this work!
-
@Bebef
It's probably not, some countries have really tough laws that they apply to email delivery and privacy that makes even spam filtering a legally dicey propositionBut let me put it like this, who wants to sue a company that has a legal budget bigger than the whole government budget of some of the poorer EU MS?
And in the end as long as the users won't start moving their fat posteriors away from the big tech monopolies, ...
@kkarhan @momo @badkeys @BNetzA @EUCommission@Bebef
The really odd thing is it's not the oldies that nowadays are a problem, it's the youngsters, we literally had a complaint today about the PIM/office suite we use, our CEO nicely played that one. He's open to all proposals for alternatives from a company headquartered in the EEA for legal reasons.Interestingly the C level has no problem IMAP, and accessing the calendar over CalDAV. But the youngsters have never heard of these @kkarhan @momo @badkeys @BNetzA @EUCommission
-
@Bebef
The really odd thing is it's not the oldies that nowadays are a problem, it's the youngsters, we literally had a complaint today about the PIM/office suite we use, our CEO nicely played that one. He's open to all proposals for alternatives from a company headquartered in the EEA for legal reasons.Interestingly the C level has no problem IMAP, and accessing the calendar over CalDAV. But the youngsters have never heard of these @kkarhan @momo @badkeys @BNetzA @EUCommission
-
@badkeys@infosec.exchange oooofffff
But why would they turn down the bug bounty????
<img class="not-responsive emoji" src="https://content.mastodon.catgirl.cloud/custom_emojis/images/000/055/198/original/neocat_googly_shocked.png" title=":neocat_googly_shocked:" />
@tanja Because they’re cheap assholes? Just a wild guess.
-
@badkeys Telekom. Die machen das.
Die schaffen uns.
-
@badkeys bad companies that don't pay out bug bounties can have uncoordinated public disclosure as a treat :3
@lunareclipse@snug.moe @badkeys@infosec.exchange I mean, if it's out of scope, then it's not even a disclosure, as "out of scope" is an admittance that it's no biggie for the information to be public to begin with, right?
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys ReallySecureAlgorithm
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys
Not the same at all, but here are most of my dkim private keys https://www.chiark.greenend.org.uk/dkim-rotate/README.txt -
R relay@relay.infosec.exchange shared this topic
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----What wat. they published the private key?!
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys
I don't remember have ever seen lower RSA keys size than 512 bits... We have a winner here ! -
@badkeys
Do they accept mails from noncommercial mailservers at their nl branch or do they refuse them with "554 None/Bad Reputation" as the german branch does, unless the mail admin publishes full personal (!) contact infos on a webserver hosted on the smtp machine? Just asking, because THOSE guys behave like they wrote the SMTP RFCs all by themselves...@momo Hab mich damit auch schon herum geärgert und mit einem "Musterbrief" frei gekauft: https://beko.famkos.net/2023/06/02/%c2%b7t%c2%b7%c2%b7%c2%b7error/
Die haben doch echt nicht mehr alle Latten am Zaun o0
-
What wat. they published the private key?!
-
@buherator @badkeys @mcr314 probably done by an apprentice anyway
-
@badkeys
Not the same at all, but here are most of my dkim private keys https://www.chiark.greenend.org.uk/dkim-rotate/README.txt@Diziet
never even thought this could be a thing!So you're basically making it impossible to prove through DKIM signatures that a given email was actually sent from your server?
-
I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bugbounty.
I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl
384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:
-----BEGIN RSA PRIVATE KEY-----
MIHxAgEAAjEAtTliQYV2Xvx1OGkDyOL799BTFEuobY2dn2AgtiKCQgrh78NVK1JK
j0yRXgNnPpGBAgMBAAECMF0t+TBZUCi8xATSMij7VLTxv5Xi5OIXesNiXOKtYIRP
LkpYfR5PggaMScfbmqSssQIZAMwOhm9d7Y7Qi7I2j1AlYbiqdtqO54T7FQIZAONa
9dJFkC6lM3EPXR+0SZ4dqwwpiM0nvQIYYgz8thi5JK264ohq9sTvnu9yKvUN9I09
AhgfgMYZKcxtujRjkSZtMzUUNLYzzDmJe90CGDKwqcBI0v9ChaR8WHht+/chMdxj
7ez94w==
-----END RSA PRIVATE KEY-----@badkeys@infosec.exchange just a few days ago i broke an rsa384 key using yafu on my home server (a ~6 year old dell poweredge, fairly decent spec) as a practice run for something, and it took under 5 minutes -
@badkeys@infosec.exchange just a few days ago i broke an rsa384 key using yafu on my home server (a ~6 year old dell poweredge, fairly decent spec) as a practice run for something, and it took under 5 minutes@badkeys@infosec.exchange the yafu help describes using siqs for this, which would take that server 2 to 3 hours, but using nfs it took only minutes
