MI5 hate encryption so much, they don't use it!]
Nexus
nexus at patrol.i-way.co.uk
Wed, 3 Jul 2002 13:49:24 +0100
Well they won't be able to use MAIL FROM: for much longer, viz
http://www.ripe.net/db/MD5-HOWTO.html
I also note that RIPE themselves warn of the dangers of using either MD5-PW
or CRYPT-PW at http://www.ripe.net/ripencc/pub-services/db/security.html
Still, breaking the MD5-PW will take a bit of grunt as they use an 8
character salt, but it could still be done.
http://www.ripe.net/cgi-bin/cgicrypt.pl.cgi
Anyone up for a new distributed challenge ?
A few of us at work were looking at this today (hence all the links to hand)
since we came across a major ISP that is using the same thing and an MD5
hash _really_ jumps out at you if from a publicaly visible source.... well,
to me it does.
;-)
Cheers,
JJ