
Comment Hold their pr0n hostage! (Score 1) 306

I know how to get the so-called "cyber jihadists" to halt their DoS attacks on U.S. banks - hold all their Internet pr0n hostage! Block all Muslim countries' access to Internet smut and pornography until those behind the DoS campaign cease their script kiddie attacks. I bet the outcry from followers of al Qaida would be so ferocious that the attacks would halt almost immediately!

Comment Re:Alright this Internet is ruined (Score 1) 300

Another point of this research was that no human being can, just by looking at a digital certificate itself, know whether it is a real certificate or a fake one.

In fact, the researchers did not provide a revocation-checking URL in their original certificate-signing request. This means that most tools (including your web browser) would not have a way of checking whether their bogus certificate had been revoked by the original certificate's CA, even if they ever found out that their legit certificate had been used for other purposes (based solely upon the cert's serial number).

Comment Re:Alright this Internet is ruined (Score 1) 300

It doesn't matter whether MD5 was used by the root certificates, or not. The issue is that the attackers injected themselves within your web browser's chain-of-trust, not that they utilized MD5 (or any other algorithm) to achieve this position. This group was able to anticipate and thereby "control" various CA-generated aspects of a digital certificate that they were eventually able to purchase. By carefully crafting a particular certificate - presumably for a domain which they have some reasonable responsibility or control - they could cause the CA to sign a new certificate with an MD5 hash that has an advantageous value. They then copied this hash value (and various other pieces of their new certificate) into a second certificate, forged to look like it's for a website that they presumably DO NOT have any responsibility or control. Because of their careful pre-planning, they were assured that the copied-over certificate's hash value would exactly match that of the certificate that they were (more or less) legitimately issued by the CA. This has the effect of fooling your browser into believing that their "bogus" certificate was, in fact, legit. The really nice twist to all this, IMHO, is that they thought to make the new certificate ANOTHER, TRUSTED, CERTIFICATE AUTHORITY!! That was pure genius! Once they did that, they could then turn right around and sign as many certificates as their hearts desired, all of which would be blindly trusted by your web browser. Nice piece of work!

Comment Re:This American Life (Score 1) 403

I worked for one of the big data-analysis/data-provider companies to many of these now-going-bankrupt subprime loan providers. We were specifically tasked with writing software to "match up" automatic housing-price valuations (AVM's) with a specific "target" price that had been previously set by the loan provider. This AVM would not return a value unless it agreed with whatever input the loan company put into it initially, and would keep churning through its algorithm until "the right value" had come out of it. This so-called "shopping for an AVM" process is illegal (at least in the United States), was programmed into the firm's software, and was made available to the loan providers so that they could (essentially) write a loan for a house at whatever value they decided that it should be -- all under the guise of "that's what the AVM *said* it was worth...". When I complained to our company's internal ethics committee about the practice, I was told that "our lawyers are looking into it". I guess they liked what they saw, because nothing changed, no Official Company Policies were declared broken, and the company's legal department now was absolutely and totally aware that the practice was embedded into its products, and being provided to its user base. And, to think - many of those very same loan companies that were using the products are now going bankrupt... GEE! I wonder why???? I guess payback is a b**ch! (Except it's the American Taxpayer who's paying for it, not the scumbags who foisted this mess onto us!)
