Gaming HTTPS no longer secure

sylux92 · Jan 6, 2009

January 1, 2009-Researchers have found a way to crack SSL/TLS/HTTPS by modifying the MD5 hash. It works by creating fake SSL hashes and applying them to phishing websites to trick people into thinking they're real. The researchers have hacked VeriSign, and can create fake signatures for any website. A link to the article here.

strata8 · Jan 6, 2009

QUOTE said:
You can view the rough cloned CA signed certificate at
https://i.broke.the.internet.and.all.i.got....t.phreedom.org/

*Click*

FirefoxSecure Connection Failed
i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org uses an invalid security certificate.

The certificate is not trusted because the issuer certificate has expired.
The certificate expired on 9/2/2004 10:00 AM.

(Error code: sec_error_expired_issuer_certificate)

Fail.

coolbho3000 · Jan 6, 2009

Gives me a reported phishing website in Firefox.

Also:

QUOTE said:
We have intentionally crippled our rogue CA certificate with an expiration date in August 2004. This is not a limitation of our method, just a precaution against a misuse of our CA if it ever falls into the wrong hands.

Gaming HTTPS no longer secure

Well-Known Member

Look! A pointless distraction!

GBATemp Kikkoman Naturally Brewed SoySauce Fanatic

Similar threads

Popular threads in this forum