[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Subject: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: rodrick.brown at gmail.com (Rodrick Brown)
Date: Fri, 2 Jan 2009 09:04:26 -0500

A team of security researchers and academics has broken a core piece
of Internet technology. They made their work public at the 25th Chaos
Communication Congress in Berlin today. The team was able to create a
rogue certificate authority and use it to issue valid SSL certificates
for any site they want. The user would have no indication that their
HTTPS connection was being monitored/modified.

http://hackaday.com/2008/12/30/25c3-hackers-completely-break-ssl-using-200-ps3s/
http://phreedom.org/research/rogue-ca/


--
[ Rodrick R. Brown ]
http://www.rodrickbrown.com http://www.linkedin.com/in/rodrickbrown

Follow-Ups:
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: jgreco at ns.sol.net (Joe Greco)
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: jabley at hopcount.ca (Joe Abley)
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: hescominsoon at emmanuelcomputerconsulting.com (William Warren)

Prev by Date: BGP Update Report
Next by Date: Looking for verification that Google and Akamai have the geo-ip for 96.31.0.0/20 set correctly
Previous by thread: BGP Update Report
Next by thread: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Index(es):
- Date
- Thread