CRN

Verisign Discontinues Flawed MD5 Certificates

Mountain View, Calif.-based Verisign, a managed security service provider, said that it has immediately discontinued the flawed MD5 cryptographic function used for digital signatures, while offering a ...
Business Insider

How to Make an Unbreakable Linux Password Using a SHA-2 Hash Algorithm

In Linux, all password hashes are normally stored using the MD5 hashing algorithm in the /etc/shadow file, but MD5 is algorithmically weak due to collision vulnerabilities. The new recommended ...
Computerworld

Security Manager’s Journal: Hashing out secure applications

My company has a small team of software developers, who program applications for the business. Nothing too fancy. Sometimes the applications they produce are meant only for system-to-system ...
Computerworld

MD5 CA hack and the PS3

The good news is that most CA’s now use SHA-1 as their hash algorithm, but there are still a few CA’s that use MD5. But what I thought was a funny tidbit about the hack is that the researchers ...
ITWire

MD5 - The Internet has a Major Problem

Firstly, allow me to recap. A couple of days ago, I reported a presentation at the Chaos Computer Club conference in Berlin which outlined a major problem with the way Certificate Authorities handle ...
Network World

Microsoft: MD5 hack poses no major threats to users

In reaction to the news today that security researchers have come up with a way to spoof the digital certificates that secure many Web sites, Microsoft Corp. downplayed the threat to users. In a ...