SHA1 algorithm securing e-commerce and software could break by year’s end: “SHA1, one of the Internet’s most crucial cryptographic algorithms, is so weak to a newly refined attack that it may be broken by real-world hackers in the next three months,...

SHA1 algorithm securing e-commerce and software could break by year’s end:

SHA1, one of the Internet’s most crucial cryptographic algorithms, is so weak to a newly refined attack that it may be broken by real-world hackers in the next three months, an international team of researchers warned Thursday.

SHA1 has long been considered theoretically broken, and all major browsers had already planned to stop accepting SHA1-based signatures starting in January 2017. Now, researchers with Centrum Wiskunde & Informatica in the Netherlands, Inria in France, and Nanyang Technological University in Singapore have released a paper that argues real-world attacks that compromise the algorithm will be possible well before the cut-off date. The results of real-world forgeries could be catastrophic since the researchers estimate SHA1 now underpins more than 28 percent of existing digital certificates.

Source: Ars Technica

Upgrade to iOS 9 to Avoid a Bluetooth iPhone Attack: “If improved battery life and a smarter Siri aren’t enough to convince you to upgrade to iOS 9, there’s now another incentive to trade up sooner rather than later: To avoid having your iPhone...

Upgrade to iOS 9 to Avoid a Bluetooth iPhone Attack:

If improved battery life and a smarter Siri aren’t enough to convince you to upgrade to iOS 9, there’s now another incentive to trade up sooner rather than later: To avoid having your iPhone wirelessly hijacked by any miscreant within Bluetooth range.

Source: Wired