Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Hilarious Corporate Spin! How about some real answers? 2009-01-10
Anonymous
This "column" is a total misplaced piece of propaganda. It's PR spin, plain and simple. It does not bring any clarity to the subject at hand.

What about all of the certificates that RapidSSL and Verisign issued since 1996? And since Wang's attack in 2004? And since 2007?

How many of the submit...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus