div align=centera rel=nofollow target=_blank href=http://www.win.tue.nl/hashclash/rogue-ca/img vspace=4 hspace=4 border=1 alt= src=http://www.blogcdn.com/www.engadget.com/media/2008/12/081230-ssl-02.jpg//abr /span style=float:right;margin-left:4px;margin-bottom:4px; /span
div align=leftBetween the a rel=nofollow target=_blank href=http://www.engadget.com/2008/12/30/playstation-home-full-of-immature-jokers-unlike-other-virtual-c/juvenile delinquent hordes of PlayStation Home/a and some a rel=nofollow target=_blank href=http://www.engadget.com/2008/12/29/ps3-unable-to-hold-its-own-against-wii-xbox-360-this-holiday-se/lackluster holiday figures/a, the PlayStation has been sort of a bummer lately, for reasons that have nothing to do with its emraison d’etre/em — gaming. That doesn’t mean that the machine is anything less than a powerhouse — as was made clear today when a group of hackers announced that they’d beaten SSL, using a cluster of 200 PS3s. By exploiting a flaw in the MD5 cryptographic algorithm (used in certain digital signatures and certificates), the group managed to create a rogue Certification Authority (CA) which allows them to create their own SSL certificates — meaning those authenticated web sites you’re visiting could be counterfeit, and you’d have no way of knowing. Sure, this is all pretty obscure stuff, and the kids who managed the hack said it would take others at least six months to replicate the procedure, but eventually vendors are going to have to upgrade all their CAs to use a more robust algorithm. It is assumed that the Wii could perform the operation just as well, if the hackers had enough room to spread out all their Balance Boards.br /br /[Via a rel=nofollow target=_blank href=http://blogs.zdnet.com/security/?p=2339ZD Net/a]/div
/divpFiled under: a rel=nofollow target=_blank href=http://www.engadget.com/category/networking/Networking/a/pp style=padding:5px;background:#ddd;border:1px solid #ccc;clear:both;a rel=nofollow target=_blank href=http://www.engadget.com/2008/12/30/hackers-playstation-3-make-ssl-much-less-secure/PlayStation 3 used to hack SSL, Xbox used to play Boogie Bunnies/a originally appeared on a rel=nofollow target=_blank href=http://www.engadget.comEngadget/a on Tue, 30 Dec 2008 17:41:00 EST. Please see our a rel=nofollow target=_blank href=http://www.weblogsinc.com/feed-terms/terms for use of feeds/a./ph6 style=clear:both;padding:8px 0 0 0;height:2px;font-size:1px;border:0;margin:0;padding:0;/h6a rel=nofollow target=_blank href=http://www.win.tue.nl/hashclash/rogue-caRead/anbsp;|nbsp;a rel=nofollow target=_blank href=http://www.engadget.com/2008/12/30/hackers-playstation-3-make-ssl-much-less-secure/ title=Permanent link to this entryPermalink/anbsp;|nbsp;a rel=nofollow target=_blank href=http://www.engadget.com/forward/1414902/ title=Send this entry to a friend via emailEmail this/anbsp;|nbsp;a rel=nofollow target=_blank href=http://www.engadget.com/2008/12/30/hackers-playstation-3-make-ssl-much-less-secure/#comments title=View reader comments on this entryComments/a
pa rel=nofollow target=_blank href=http://feedads.googleadservices.com/~at/UPbQry-nG0q44XMmtqpXwQBACSM/aimg src=http://feedads.googleadservices.com/~at/UPbQry-nG0q44XMmtqpXwQBACSM/i border=0 ismap/a/pdiv class=feedflare
a rel=nofollow target=_blank href=http://feeds.engadget.com/~f/weblogsinc/engadget?a=L0susMxUimg src=http://feedproxy.google.com/~f/weblogsinc/engadget?i=L0susMxU border=0/a a rel=nofollow target=_blank href=http://feeds.engadget.com/~f/weblogsinc/engadget?a=tPHXS3r7img src=http://feedproxy.google.com/~f/weblogsinc/engadget?i=tPHXS3r7 border=0/a
/divimg src=http://feedproxy.google.com/~r/weblogsinc/engadget/~4/hKMkUboht1Q height=1 width=1/
Source:PlayStation 3 used to hack SSL, Xbox used to play Boogie Bunnies
