-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 And they should have listened then, it was only a matter of time before someone fleshed out a practical attack, and that time is now. Then again, I am sure there some ATM's out there still using DES. How many time's do we need to prove Moore's law...
On Tue, 30 Dec 2008 15:26:46 -0500 Nelson Murilo <[email protected]> wrote: >Implementation could be new, but this vulnerabillity is knew since >2004, >the year that md5 was broken. > >http://www.cryptography.com/cnews/hash.html > >./nelson -murilo > > >On Tue, Dec 30, 2008 at 08:10:16PM +0000, n3td3v wrote: >> Aiding script kids to get credit card numbers out of folks e- >commerce >> purchases. I'm sure the U.S secret service have a special >interest in >> this vulnerability, as so much of their time nowadays is taken >up >> following up on internet carders and shutting them down. >> >> On Tue, Dec 30, 2008 at 5:03 PM, Elazar Broad ><[email protected]> wrote: >> > -----BEGIN PGP SIGNED MESSAGE----- >> > Hash: SHA1 >> > >> > SSL/PKI is only as strong as the weakest CA... >> > >> > For those of you who haven't been following this, here you go: >> > >> > http://www.win.tue.nl/hashclash/rogue-ca/ >> > http://www.phreedom.org/research/rogue-ca/md5-collisions- >1.0.ppt > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQECAAYFAklajuMACgkQi04xwClgpZjS4QP7Beyc04b+CoGgpDWS7ojdnPMdI8Ty XhEWqZxa5mVyy+uAFIXxc5I/J1BtsZKJPhV+mlIW9zWgUJASvn0LrLKGzzt+Bhlb3rYW pGiL8UlmBOCf99qYBRF69vevSdA3gdu/JebXIWu33nPB7qZho6SSHYCwF7u5TJILgtI3 aiL33GQ= =C7PQ -----END PGP SIGNATURE----- -- Click to become a master chef, own a restaurant and make millions. http://tagline.hushmail.com/fc/PnY6qxtWo9fln3EqgOtev3Xt2UqYrdnKRqkHGIlsPHfICpCCcCO6k/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
