Comments on: 25C3: Hackers completely break SSL using 200 PS3s

By: grook

grook — Wed, 11 Aug 2010 17:29:14 +0000

breaking the SSL was a dream for a lot of people

By: Miami Web Design Firm

Miami Web Design Firm — Tue, 06 Jul 2010 19:03:35 +0000

isnt the military using like 300 ps3′s for something. i found this article the other day at

“The Air Force Research Laboratory is conducting a technology assessment of certain cell
processors. The processors in the Sony PlayStation 3 are the only brand on the market that utilizes the specific cell processor characteristics needed for this program at an acceptable cost.”

By: ThE XbOx

ThE XbOx — Sun, 21 Mar 2010 02:32:52 +0000

that’s about all the PS3 is good for it seems.

By: Confused.com

Confused.com — Thu, 29 Oct 2009 20:08:12 +0000

Why operate so close to the technological boundary? Are we so tight with storage and processing power that we can’t put MD5 and SHA together so a collision requires collisions in both.

My guess is that would be safe for our lifetime…

By: cctv

cctv — Fri, 04 Sep 2009 09:33:36 +0000

“~$20K of Amazon EC2 time.”

One PS3 is 300$, they used 200 of them which makes 60.000$. They could have bought 3 times the EC2 time and then be over with it, i really hope the ps3 found a good home after the test finished. Good work though.

By: filtermd

filtermd — Fri, 21 Aug 2009 17:00:33 +0000

Posted at 9:49 am on Dec 30th, 2008 by epicelite
>Well lets hope bad people cannot afford 200 PS3’s.

yeah, most of us can’t :-/

By: zz

zz — Tue, 02 Jun 2009 14:46:51 +0000

http://www.baidu.com

By: randall5

randall5 — Sat, 30 May 2009 07:21:10 +0000

im more interested in what they do with the ps3s when they arent using them for hacking… thatd be a sweet entertainment room

By: hazed

hazed — Sun, 15 Feb 2009 10:13:04 +0000

Wow. That’s some really expensive phishing right there. I can’t afford one PS3 and they hacked together something like this with 200. Sha can’t possibly be used as a solution in it’s current state. It’s just as broken as MD5.

By: A.hacker

A.hacker — Fri, 30 Jan 2009 23:53:15 +0000

You could do that using a Tesla desktop supercomputer now, probably quicker too.

md5 is dead.

By: Zypher

Zypher — Mon, 26 Jan 2009 08:27:09 +0000

@ J
lulz

By: firedward

firedward — Sun, 25 Jan 2009 23:01:31 +0000

basically yes. i wonder if i could use this to defend my website from goverment initrusion?

By: Michaelangelo

Michaelangelo — Sat, 24 Jan 2009 22:13:30 +0000

SO your telling me if I buy 200 hundred Ps3′s I don’t have to buy a rapidshare account!!! Score!!…

By: WulfTheSaxon

WulfTheSaxon — Mon, 12 Jan 2009 03:41:17 +0000

@sam

The NSA’s tweak appears to be justified. See, for example, http://en.wikipedia.org/wiki/SHA#SHA-0_and_SHA-1

However, I’d tend to avoid SHA-1 anyway. It’s been shown to be a bit flawed, and I don’t really see any barrier to adoption of SHA-256. Work is beginning on SHA-3 — it’s long past time to ditch even SHA-1.

By: julius

julius — Thu, 08 Jan 2009 12:59:26 +0000

No teneis ni puta idea de lo que estáis hablando. Sacado del documento original:

The vulnerability we expose is not in the SSL protocol or the web servers and browsers that implement it, but in the Public Key Infrastructure. This infrastructure has applications in other areas than the web, but we have not investigated all other possible attack scenarios. So other attack scenarios beyond the web are conceivable, such as in the areas of code signing, e-mail security, and in other areas that use certificates for enabling digital signatures or public key encryption.

A leer más, chicos!!!