Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
hescominsoon at emmanuelcomputerconsulting.com
Fri Jan 2 15:09:32 CST 2009
Rodrick Brown wrote:
> A team of security researchers and academics has broken a core piece
> of Internet technology. They made their work public at the 25th Chaos
> Communication Congress in Berlin today. The team was able to create a
> rogue certificate authority and use it to issue valid SSL certificates
> for any site they want. The user would have no indication that their
> HTTPS connection was being monitored/modified.
> [ Rodrick R. Brown ]
> http://www.rodrickbrown.com http://www.linkedin.com/in/rodrickbrown
ssl itself wasn't cracked they simply exploited the known vulnerable md5
hashing. Another hashing method needs to be used.
More information about the NANOG