MD5 seems not safe for code signing
Monday, December 3rd, 2007This paper presents a method for creating the same MD5 hash for different executables - thus beating the idea of identifying executables by comparing their MD5 hashes to stored values.
Archive for the ‘Security’ Category
This paper presents a method for creating the same MD5 hash for different executables - thus beating the idea of identifying executables by comparing their MD5 hashes to stored values.
Embedding third party JavaScript securely
Wednesday, November 14th, 2007It is commonplace to include dynamic content from a third party site in a webapp, but it always carries some security risk. Probably this project can help to limit the threat. Of course, only if you put your trust in Google :) A source-to-source translator for securing Javascript-based web content