This Blog

Syndication

Tags

Get Connected With Aubrey

MD5, PKI Compromised

A vulnerability has been identified with MD5 hashing that would allow an attacker to basically impersonate any SSL-secured website on the Internet. This is going to have serious and far-reaching implications. Combine that with the number of computers out there that are compromised by some virus or malware that has hijacked the hosts file, and it would be pretty easy to start collecting credit card numbers, bank account info, etc. You can read the full details here.

Even if you don't read the whole thing, check out their PlayStation Lab.

Only published comments... Dec 30 2008, 05:45 PM by Aubrey
Filed under: , ,

Comments

 

Mike Halsey said:

It's been about eighteen hours now since this was revealed and I'm still amazed that the mainstream press haven't picked up on the story.

This is potentially a huge issue because it looks, on the face of it, that it would be hideously complex and expensive to fix.

The irony being that in 2009 it could help drive people back to the high street so it's not all bad news.

December 31, 2008 4:05 AM
Windows is a registered trademark of Microsoft Corporation.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems Themed By nb development