Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Deepak Jain
deepak at ai.net
Fri Jan 2 21:13:45 UTC 2009
> If done properly, that's actually an easier task: you build the update
> key into the browser. When it pulls in an update, it verifies that it
> was signed with the proper key.
>
If you build it into the browser, how do you revoke it when someone throws 2000 PS3s to crack it, or your hash, or your [pick algorithmic mistake here].
Deepak
More information about the NANOG
mailing list