SSL broken! Hackers create rogue CA certificate using MD5 collisions

By -
SSL broken! Hackers create rogue CA certificate using MD5 collisions | Zero Day | ZDNet.com
"Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority (CA), a breakthrough that allows the forging of certificates that are fully trusted by all modern Web browsers."

Comments

Post a Comment

Popular posts from this blog

The Old Engineer and the Hammer

By -
Image
This parable is an old one. I told this last week to one of my team members at work and wanted to find the original. Since this is an old parable, I found different versions of this story over the Internet. In some versions the story revolves around a broken down ship, while in others a large machine in a factory. The version I'm quoting below is what I remember reading ages ago. It's 2019. I'm turning 40 this year. The first time someone paid me money to write code was back in early 2003. This means that my career also turned 16, going on 17 this year. As a senior staff member, I do find myself championing the value of skills and expertise in software engineering, especially to young graduates doing their rotation in my software engineering team. This old parable stuck somewhere in my head all those years ago. I still think it's the best parable told about the value of expertise and staying sharp. I hope it serves someone else as it does me ...   A gian
Read more

TechCrunch50 Conference 2008

By -
The TechCrunch50 Conference aims to find the best start-ups and launch them in front of the industry’s most influential VCs, corporations, fellow entrepreneurs and press. The 2008 event is under way. Checkout Ashton's new startup Blah Girls , pitched by the man himself.
Read more

An overnight success, 10 years in the making ....

By -
Image
“An overnight success is ten years in the making.”   ― Tom Clancy, Dead or Alive ---- I haven't written a long form blog post in a while. So I thought I'd post an update here on what I've been working on during my absence. Hope you enjoy the read! I picked this title for a good reason too. Sometimes, for the casual onlooker, an innovation might seem like magic, or worse, trivial. As an engineer, my first response to such onlookers would be... "if that's the case, try to do it yourself... overnight!". A more useful response would be to get them to read my previous post about The Old Engineer and the Hammer .  ---- The focus of this post is an API Orchestrator I built a couple of years ago (that's 2018, in case you are reading this from a far future date, from a colony in Mars).  We initially started calling it the Service Domain Manager. However, we eventually decided Cloud Domain Manager describes the specific area of the business it belongs to, better th
Read more