Wireless Office

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Mon Jan 5 17:00:36 UTC 2009


On Wed, Dec 31, 2008 at 05:05:19PM -0500, Mel Wilson wrote:
> Fernando Duran wrote:
> [ ... ]
> >I'm saying "almost always" to be cautious but in fact
> >I've never heard for example of a real remote server
> >that was compromised purely by cracking a current
> >cryptographic algorithm, if somebody knows of a case
> >I'd love to have a link. Most of the security problems
> >in servers come from 1) weak passwords and 2)
> >unpatched old software.
> 
> According to Slashdot, SSL certificates may no longer be trustworthy..
> 
> <http://it.slashdot.org/article.pl?sid=08/12/30/1655234>

No, MD5 based SSL certificates may no longer be trustworthy because MD5
has been broken.  People have recommended for years to stop using MD5,
yet some people don't listed (like verisign by the looks of it).

-- 
Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list