> We have computed the very first chosen-prefix collision for SHA-1. In a nutshell, this means a complete and practical break of the SHA-1 hash function, with dangerous practical implications if you are still using this hash function. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1. Check our paper here for more details.

@bram love to read how much of a clownshoes operation cacert still is, tbqh

@bram apparently! They sent me a newsletter a few months ago about how they'd *totally* moved past all their previous drama, it was quite a read. And now, well.

@bram and it only costs around 20 to 10k usd to do the big hacc.

that's pretty much free.

Sign in to participate in the conversation

This is a mastodon instance for social justice activists, LGBTQIA+ people, and activists in general See the Goals and technical details, and Rules and privacy policy pages for more information