this post was submitted on 09 Feb 2025
1069 points (97.1% liked)
Technology
62063 readers
4607 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Known and vetted systems are always the most secure. Until RSA is broken, and then they'll need to update to a quantum resilient standard. Which we've had in the wild for 6 years already and the NIST has officially approved for 2 years.
We're still at least a decade away from a machine with enough qbits to do it. So i feel like we should be fine.
It's the fucking Credit Bureaus, Telecoms, and Energy Companies I worry about. They keep fucking up.
https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms
Anyone who complies with the NIST standards is in a good place.
The problem is that a lot of places are not in compliance with NIST standards.
I know, I've helped patch them.
Yep, but we've got at least a decade to do it, and when new systems are stood up they "should" be in compliance.
Based on my experience if we say it needs done in a decade it will never be done.
See also: All the unemployment systems running on FORTRAN
FORTRAN could be said to be security through obscurity though /s