It gets worse...

David Brodbeck DavidB at
Fri Aug 20 18:02:52 GMT 2004

> -----Original Message-----
> From: Jeremy Allison [mailto:jra at]

> "* Weng, Fang, Lai, and Yu have what appears to be a general 
> method for
>   finding collisions in MD4, MD5, HAVAL-128, and RIPEMD. They
>   haven't published any details."
> This could be very bad for NTLM auth.....

Not to mention for (Free|Open|Net)BSD systems, which mostly use MD5
passwords by default.  (It was thought to be "more secure" than DES.)

More information about the samba-technical mailing list