: Verisign says it's stopped using MD5, as of around noon Pacific time. To quote:
"We're disappointed that these researchers did not share their results with us earlier," writes Tim Callan
, "but we're happy to report that we have completely mitigated this attack."
Is there anything the PlayStation 3 console can't do? From [Register or Login to view links]
to simulating [Register or Login to view links]
... and now breaking Internet security?!
A team of researchers from the U.S., Switzerland and the Netherlands have found a way of bypassing the security of digital certificates provided by companies like Verisign. These digital certificates help transmit your credit card information on the Internet in a secure manner.
By using 200 PS3 systems linked together, researchers were able to do the math that helped them decrypt the MD5 hash that's used by Verisign. The researchers would be able to mimic online retail sites, potentially stealing tons of valuable information from consumers. It appears researchers want the hash to be replaced by a more potent one.
Finally, it's unrealistic to expect hackers will be able to replicate the results of these researchers any time soon. Getting 200 PS3s linked to each other can be quite a pricey feat!