PlayStation 3 Used To Break SSL

The PlayStation 3 was instrumental in the efforts of an international team of security experts to successfully hack VeriSign's SSL website security scheme, and it only took 200 consoles to do it.

I'll try not to get too technical here, mainly because I don't truly understand a great deal of this myself. Using a pool of 200 PlayStation 3 systems, the team of researchers managed to create a rogue certificate authority which could then be used to issue fake security certificates to websites. This was done by exploiting a bug in the MD5 hashing algorithm used to create the real counterparts to said security certificates. What this all means, in layman's terms, is that a hacker could theoretically use such an exploit to convince users they were entering information into a real website, then using said personal information for various nefarious hacker purposes, like installing a cookie monster virus or something.

Researchers are doubtful a real-world attack like this would actually occur, but suggest their results indicate that schemes that use MD5 should really think about swapping out for something a bit more secure.

Once again the power of the PlayStation 3's Cell processor has been proven, making the world a better place to live!

Researchers hack VeriSign's SSL scheme for securing Web sites [Computerworld]