It gets worse...
DavidB at mail.interclean.com
Fri Aug 20 18:02:52 GMT 2004
> -----Original Message-----
> From: Jeremy Allison [mailto:jra at samba.org]
> "* Weng, Fang, Lai, and Yu have what appears to be a general
> method for
> finding collisions in MD4, MD5, HAVAL-128, and RIPEMD. They
> haven't published any details."
> This could be very bad for NTLM auth.....
Not to mention for (Free|Open|Net)BSD systems, which mostly use MD5
passwords by default. (It was thought to be "more secure" than DES.)
More information about the samba-technical