Ok Chicken Little, stop running around in circles and panicking. Regardless of what you read online, you shouldn’t believe it… Or at least, you shouldn’t freak out over something that already happened.
Take a look at this article:
Gold-standard online security code cracked
26 February 2005Magazine issue 2488
NOTHING lasts for ever, and especially not in the digital world. The gold standard security algorithm that underpins online transactions has been broken by researchers. But don’t panic yet - even the most serious hackers lack the necessary computing power to repeat the feat.The algorithm in question, SHA-1, works by reducing a digital file to a 160-bit string of data known as a hash……
This is the original article. Did you notice the date? Oddly, most people hadn’t heard that SHA-1 had been “hacked”. Fortunately, the issue isn’t too serious, at the moment, because the research wasn’t released into the wild. (Second article - notice the date again.)
Unfortunately, an announcement of a Call for Comment has brought this back to light, but in the wrong context. SHA-1 was compromised almost 2 years ago - not recently.
While this will ultimately comprise computers, routers, security certs, etc, not much is happening right now. Currently, the government is so concerned that they’re mandating an internal switch in all but a few applications by 2010. (Please tell me you can read the sarcasm here…)
Oh, and if you think that my level of concern isn’t high enough, SHA-1 is a hash, not a form of encryption. While it is important in every day life online, its not like secret government files are compromised because of this old news.
