Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Certificate fingerprint: 18AC895FE573205021220326A166CC643C7C1C86
An attack was demonstrated yesterday that highlights the practicality of the well-publicized weaknesses of the MD5 algorithm. Essentially, any certificate signed with the MD5 algorithm may be counterfeit.
The demonstrated attack has two notable prerequisites: the ability to predict information in the prefix blocks of the data, and the present existence of CAs that use MD5-RSA to sign CSRs.
Since RapidSSL quite quickly switched to SHA1, the latter prerequisite seems to be harder to come across. (They issued a certificate to me at 9am this morning, less than 24 hours after the attack was publicized, and this certificate no longer uses MD5.)
There is, however, a large number of CAs out there, and it is certain that some of them will continue to use MD5 for one reason or another. As for predicting information in the prefix block: some CAs may make this harder than others, but some low-volume CAs may require even less of an effort than RapidSSL did.
The real issue is, however, that this current attack is just a sign of things to come. MD5 has been known to be weak for years, and now a small team with relatively modest resources essentially gained the ability to spoof any secure website on the Internet. Things are likely to accelerate from here and newer, more devastating attacks on MD5 are likely to surface soon.
More info about MD5 weakness: [link]
----------
Harvie's blog: [link] g33k-shop: [link] fs: [link]
Registered GNU/LINUX user #468114 [link] (reply) | Harvie | | | 283782978 | 3.1.2009 20:10 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| we're not a financial institution =) (reply) | Emkei | | |  | 3.1.2009 21:32 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Good thing you don't even claim that SOOM.cz is a portal dealing mainly with security in the field of information technology, and has been since 2003. Besides its main focus, which is hacking, cracking, phreaking, lockpicking and programming, it also carries out various reviews of software and literature...
;oP
----------
Harvie's blog: [link] g33k-shop: [link] fs: [link]
Registered GNU/LINUX user #468114 [link] (reply) | Harvie | | | 283782978 | 3.1.2009 22:00 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| and what do you think the SSL is here for? It's more of a courtesy to people who like anonymity; it's not any kind of security that would be an essential part of the portal, since passwords are sent hashed even when the plain HTTP protocol is used. (reply) | Emkei | | |  | 3.1.2009 23:11 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| and what good is it that it's sent hashed? Then I'll just log in that way, won't I? :-D (reply) | sg11.tk_ | 84.42.249.* | 4.1.2009 0:37 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| so that a potential attacker doesn't sniff it in plain text... (reply) | Emkei | | |  | 4.1.2009 11:33 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| except that the attacker can send it hashed too ;)
----------
Harvie's blog: [link] g33k-shop: [link] fs: [link]
Registered GNU/LINUX user #468114 [link] (reply) | Harvie | | | 283782978 | 4.1.2009 13:01 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| true, but he won't know the password (you'd be surprised how many people use one password for multiple services =) (reply) | Emkei | | |  | 4.1.2009 13:45 |
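Added example, not part of the thread and not SOOM.cz code: the login scheme debated in the posts above, where the client sends a fixed password hash, next to a nonce-based challenge-response that rejects a captured value on reuse. SHA-256/HMAC and all class and function names are assumptions; the thread does not say which hash the site uses.

```python
import hashlib
import hmac
import secrets

def pw_hash(password):
    # Client-side hash as described in the thread (algorithm assumed here).
    return hashlib.sha256(password.encode()).hexdigest()

class StaticHashLogin:
    """Server accepts the hash itself, so the hash is the credential."""
    def __init__(self, password):
        self.stored = pw_hash(password)

    def login(self, submitted_hash):
        return hmac.compare_digest(self.stored, submitted_hash)

class ChallengeLogin:
    """Server issues a single-use nonce; client answers HMAC(hash, nonce)."""
    def __init__(self, password):
        self.stored = pw_hash(password)
        self.pending = set()

    def challenge(self):
        nonce = secrets.token_hex(16)
        self.pending.add(nonce)
        return nonce

    def login(self, nonce, response):
        if nonce not in self.pending:
            return False                     # unknown or already used nonce
        self.pending.discard(nonce)
        expected = hmac.new(self.stored.encode(), nonce.encode(),
                            hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, response)

def client_response(password, nonce):
    return hmac.new(pw_hash(password).encode(), nonce.encode(),
                    hashlib.sha256).hexdigest()

def demo():
    password = "constructed-sample-password"  # constructed sample value
    captured = pw_hash(password)              # what crosses plain HTTP
    static_replay = StaticHashLogin(password).login(captured)
    server = ChallengeLogin(password)
    nonce = server.challenge()
    answer = client_response(password, nonce)
    first_use = server.login(nonce, answer)
    second_use = server.login(nonce, answer)  # same captured answer again
    return static_replay, first_use, second_use
```

The nonce only stops reuse of a captured login value; without TLS the rest of the session is still exposed on the wire.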
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| that, however, isn't your problem, unlike someone stealing prdelac's account and starting to write sensible posts...
----------
Harvie's blog: [link] g33k-shop: [link] fs: [link]
Registered GNU/LINUX user #468114 [link] (reply) | Harvie | | | 283782978 | 31.1.2009 18:43 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| My posts are sensible. A broom like you, however, doesn't see the bigger picture. Should I call you Harvie or killall most or something else? (reply) | .( | ) | 213.151.78.* | 1.2.2009 0:40 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Well, I just had to take a dig ;P
----------
Harvie's blog: [link] g33k-shop: [link] fs: [link]
Registered GNU/LINUX user #468114 [link] (reply) | Harvie | | | 283782978 | 4.1.2009 13:01 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Your dig and my dig == a different league. Mine == Extraliga, yours == Teplakov league (reply) | .( | ) | 213.151.78.* | 1.2.2009 13:31 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Harvie, have a cocoa and stop talking rubbish. You're not even embarrassing with it anymore :D (reply) | __( | )__ | 213.151.78.* | 3.1.2009 23:56 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Such a mess here, this is crap, don't you have anything better to do? : ) Harvie will supposedly write his own portal and tell us stories ... who knows. (reply) | AnarchyEM | 89.102.101.* | 30.3.2009 15:10 |
re: Soom.cz:1010 - Weak SSL certificate for HTTPs | # |
| Something stinks here... could it be somebody's (|) ? (reply) | .... | 193.200.150.* | 1.4.2009 11:46 |