> We have computed the very first chosen-prefix collision for SHA-1. In a nutshell, this means a complete and practical break of the SHA-1 hash function, with dangerous practical implications if you are still using this hash function. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1. Check our paper here for more details.
@bram Ow ow ow ow ow
@bram love to read how much of a clownshoes operation cacert still is, tbqh
@antifuchs this thing is still alive?
@bram apparently! They sent me a newsletter a few months ago about how they'd *totally* moved past all their previous drama, it was quite a read. And now, well.
@bram and it only costs around 20 to 10k usd to do the big hacc.
that's pretty much free.