Stories
Slash Boxes
Comments
typodupeerror delete not in
  • Preferences

+-   CCC Create a rogue CA certificate-> on Tuesday December 30 2008, @10:48AM t3rmin4t0r

Submitted by t3rmin4t0r on Tuesday December 30 2008, @10:48AM
security
t3rmin4t0r writes "Just when you were breathing easy about Kaminsky, DNS and the word hijacking, by repeating the word SSL in your head, the hackers at CCC were busy at work making a hash of SSL certificate security. Here's the scoop on how they set up their own rouge CA, by (from what I can figure) reversing the hash and engineering a collision up in MD5 space. Until now, md5 collisions have been ignored because nobody would put in that much effort to create a useful dummy file, but a CA certificate for phishing seems juicy enough to be fodder for the botnets now."
Link to Original Source
submission
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

CCC Create a rogue CA certificate 0 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
Search
"If anything can go wrong, it will." -- Edsel Murphy

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.