MD5 Hack Interesting, But Not Threatening

MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

Expand all | Post comment

MD5 Hack Interesting, But Not Threatening 2009-01-05
Anonymous (1 replies)

Whoever wrote this is such a tool. Verisign is EVIL company that charges a lot of money for NOTHING. The problem is Verisign is given a monopoly by the US government.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/488/35289#35289

Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-06
Charlie Miller (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Robert Lemos (5 replies)

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous (1 replies)

Re: Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-12
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-08
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous

When is it "threatening"? When they post your bank statements as part of the presentation? 2009-01-23
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-06
Margot (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-07
Anonymous

Verisign were notified about this work prior to the presentation 2009-01-06
Alexander Sotirov (1 replies)