Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

Comments Mode:
MD5 Hack Interesting, But Not Threatening 2009-01-05
Anonymous (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-06
Charlie Miller (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Robert Lemos (5 replies)
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous (1 replies)
I would agree with Charlie's point of view on this one. Bad optics. The site seriously needs to get back to computer security instead of what is presently being offered as seen in its present columns. This has been echoed enough times already.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/488/35294#35294
Re: Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-12
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-08
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous
When is it "threatening"? When they post your bank statements as part of the presentation? 2009-01-23
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-06
Margot (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-07
Anonymous
Verisign were notified about this work prior to the presentation 2009-01-06
Alexander Sotirov (1 replies)
Re: Verisign were notified about this work prior to the presentation 2009-01-07
Ichinin (4 replies)
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-07
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-07
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-08
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-08
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-08
Charles Hunter (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Robert Lemos (2 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Anonymous (1 replies)
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-14
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-16
Charles Hunter
Hilarious Corporate Spin! How about some real answers? 2009-01-10
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-12
xort
MD5 Hack Interesting, But Not Threatening 2009-01-12
Chris Fahey
Serious suggestions welcome... 2009-01-15
Robert Lemos
MD5 Hack Interesting, But Not Threatening 2009-02-02
Jamie







 

Privacy Statement
Copyright 2009, SecurityFocus