The New York Times: A team of European and American researchers have discovered that RSA encryption, the method most websites use to secure transactions, has a fatal flaw. The problem lies with the algorithms used to create the public keys. A very small fraction of the time, the prime numbers used to generate those keys are not random, meaning that the encryption can be easily broken and essentially offers no security at all.
Out of 7.1 million public keys analyzed, the researchers “stumbled upon” almost 27,000 that offered no security. “Their secret keys are accessible to anyone who takes the trouble to redo our work,” they wrote. “The lack of sophistication of our methods and findings make it hard for us to believe that what we have presented is new, in particular to agencies and parties that are known for their curiosity in such matters.”