PDA

View Full Version : SSL has been cracked!


Czar
01-02-2009, 02:18 AM
A group of security researchers have used a cluster of 200 PS3 gaming consoles - of all things - to crunch numbers in order to exploit a known weakness in the popular MD5 encryption algorithm.

Read about this exploit here:
http://blogs.zdnet.com/security/?p=2339&tag=nl.e550

This could make it harder to combat phishing websites and other rogue operators.

Bondings
01-03-2009, 08:15 AM
If I'm not mistaken, this has already been fixed by Verisign. Still quite frightening this was able to happen in the first place, especially since it was known for quite some time that md5 hashes shouldn't be used anymore.

http://www.thetechherald.com/article.php/200852/2708/VeriSign-replaces-RapidSSL-certificates

Czar
01-06-2009, 11:51 AM
Fortunately, the Internet Explorer and FireFox teams are both on the case too; responding quickly to help protect consumers against the exploit:
http://www.internetnews.com/security/article.php/3793976/Mozilla+Microsoft+Move+to+Nix+Web+Security+Flaw.ht m