Phuctor is a public service operated by S.NSA. It catalogues extant RSA public keys which are inexpensively breakable by any known means.

A short "trip down memory lane" is in order. From 2006 to 2008, Debian shipped with a sabotaged SSH key generator — which was capable of producing strictly 32768 distinct private keys of any given length.

According to Official Truth, this particular story ended in 2008, when the Debian "bug" was fixed. But in reality, a carefully-engineered boobytrap is truly a gift that keeps on giving.

Phuctor has been digesting SSH keys obtained from a scan of the complete IPv4 space since June of 2016. These have yielded, and continue to yield, breakable RSA moduli.

On Wednesday, November the 16th, factors from 168923 trivially-breakable "Debianized" RSA keys[1] were added to Phuctor's database. This resulted in a discovery of 1366 distinct hits, distributed across 689 newly-broken RSA moduli. The count of RSA SSH keys (each found at a particular scanned IP, and not necessarily unique) present in Phuctor's database at the time was 2941798. The 689 moduli represented a set of 1074 IP addresses where a machine had responded to an SSH query.[2]

This leads us to an interesting conclusion: roughly 1 in 2700 SSH-capable machines in the IPv4 space is actively making use of a "Debianized" SSH key, even today; its traffic is effortlessly transparent to enemy eyes.
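The matching step behind those counts can be sketched as follows. This is an added example, not Phuctor's code: it assumes the check is a GCD of each scanned modulus against the product of the known weak primes, and the primes, IPs and function name `audit` are constructed for illustration. The same check tells an operator whether their own host key modulus is on the list.

```python
from math import gcd, prod

# Constructed toy data: small primes stand in for the factors of known
# "Debianized" keys (real ones are hundreds of bits long).
KNOWN_WEAK_PRIMES = [10007, 10009, 10037, 10039]

# Constructed scan records: (IP from a documentation range, RSA modulus).
SCAN = [
    ("192.0.2.10", 10007 * 10009),    # both factors known
    ("192.0.2.11", 10007 * 10009),    # same key served from a second IP
    ("198.51.100.5", 10037 * 10061),  # one factor known
    ("203.0.113.7", 10067 * 10069),   # shares nothing with the known set
]

def audit(known_primes, scan):
    """Match scanned moduli against known weak factors.

    Returns counts of distinct (modulus, factor) hits, broken moduli,
    and IPs that served a broken modulus.
    """
    product = prod(known_primes)          # one big number to gcd against
    ips_by_modulus = {}
    for ip, n in scan:                    # keys are not unique per IP
        ips_by_modulus.setdefault(n, set()).add(ip)

    hits, affected_ips = set(), set()
    for n, ips in ips_by_modulus.items():
        g = gcd(n, product)               # > 1 iff n shares a known prime
        if g == 1:
            continue
        hits.update((n, p) for p in known_primes if g % p == 0)
        affected_ips |= ips

    broken = {n for n, _ in hits}
    return {
        "hits": len(hits),
        "broken_moduli": len(broken),
        "affected_ips": len(affected_ips),
        "keys_per_affected_ip": len(scan) / len(affected_ips) if affected_ips else None,
    }

if __name__ == "__main__":
    print(audit(KNOWN_WEAK_PRIMES, SCAN))
```

With the article's figures, the last ratio is 2941798 scanned keys over 1074 affected IPs, which is where "roughly 1 in 2700" comes from.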

Peace in our time, shitgnomes!