Hackers Use PlayStation 3 To Hack SSL
To those thinking that the only use of your PlayStation 3 is to play Blu-Ray movies, there's a new reason to rejoice.... err maybe not. A group of hackers was able to crack SSL by using a cluster of 200 PS3s.
Our main result is that we are in possession of a “rogue” Certification Authority (CA) certificate. This certificate will be accepted as valid and trusted by many browsers, as it appears to be based on one of the “root CA certificates” present in the so called “trust list” of the browser. In turn, web site certificates issued by us and based on our rogue CA certificate will be validated and trusted as well. Browsers will display these web sites as “secure”, using common security indicators such as a closed padlock in the browser’s window frame, the web address starting with “https://” instead of “http://”, and displaying reassuring phrases such as “This certificate is OK ” when the user clicks on security related menu items, buttons or links.
Click here to learn more.
No comments:
Comments on GameOPS are moderated. Please keep your comments relevant to this blog entry.
If you don't have a Google, LiveJournal, Wordpress, AIM, Typepad or OpenID account, please choose NAME/URL when posting a commment. Anonymous comments will be rejected.