Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

Comments Mode:
MD5 Hack Interesting, But Not Threatening 2009-01-05
Anonymous (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-06
Charlie Miller (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Robert Lemos (5 replies)
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous (1 replies)
Re: Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-12
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-08
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous
When is it "threatening"? When they post your bank statements as part of the presentation? 2009-01-23
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-06
Margot (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-07
Anonymous
Verisign were notified about this work prior to the presentation 2009-01-06
Alexander Sotirov (1 replies)
Re: Verisign were notified about this work prior to the presentation 2009-01-07
Ichinin (4 replies)
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-07
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-07
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-08
Anonymous
Re: Re: Verisign were notified about this work prior to the presentation 2009-01-08
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-08
Charles Hunter (1 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Robert Lemos (2 replies)
Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Anonymous (1 replies)
Come on Rob, he's not saying he was confused whether it was a neutral news piece or a opinionated column. He knew it was a column but wants you to note up front that the columnist has a very personal stake in the subject of the column.

I'm with him, I started reading this thinking it was an objective column about the incident and quickly realized it was essentially a rewritten VeriSign press release.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/488/35308#35308
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-14
Anonymous
Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-16
Charles Hunter
Hilarious Corporate Spin! How about some real answers? 2009-01-10
Anonymous
MD5 Hack Interesting, But Not Threatening 2009-01-12
xort
MD5 Hack Interesting, But Not Threatening 2009-01-12
Chris Fahey
Serious suggestions welcome... 2009-01-15
Robert Lemos
MD5 Hack Interesting, But Not Threatening 2009-02-02
Jamie







 

Privacy Statement
Copyright 2009, SecurityFocus