MD5 Hack Interesting, But Not Threatening

MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

Expand all | Post comment

MD5 Hack Interesting, But Not Threatening 2009-01-05
Anonymous (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-06
Charlie Miller (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Robert Lemos (5 replies)

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous (1 replies)

Re: Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-12
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-06
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-08
Anonymous

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-22
Anonymous

When is it "threatening"? When they post your bank statements as part of the presentation? 2009-01-23
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-06
Margot (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-07
Anonymous

Verisign were notified about this work prior to the presentation 2009-01-06
Alexander Sotirov (1 replies)

Re: Verisign were notified about this work prior to the presentation 2009-01-07
Ichinin (4 replies)

Re: Re: Verisign were notified about this work prior to the presentation 2009-01-07
Anonymous

Re: Re: Verisign were notified about this work prior to the presentation 2009-01-08
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-08
Charles Hunter (1 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Robert Lemos (2 replies)

Re: MD5 Hack Interesting, But Not Threatening 2009-01-09
Anonymous (1 replies)

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-14
Anonymous

Take the criticism you are seeing here as one that is constructive. This site has been going downhill for some time. You may also want to add some blogs that are useful. Having emergentchaos here is really pointless as they have not written any useful. Why have them? Perhaps ask someone like Aitel or HD Moore to blog here or mirror theirs. That would be some nice hard information that is indeed computer security centric. SF needs to get back to what it used to be. As it stands it is a former shadow of itself.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/488/35327#35327

Re: Re: MD5 Hack Interesting, But Not Threatening 2009-01-16
Charles Hunter

Hilarious Corporate Spin! How about some real answers? 2009-01-10
Anonymous

MD5 Hack Interesting, But Not Threatening 2009-01-12
xort

MD5 Hack Interesting, But Not Threatening 2009-01-12
Chris Fahey

Serious suggestions welcome... 2009-01-15
Robert Lemos

MD5 Hack Interesting, But Not Threatening 2009-02-02
Jamie