i heard recently someone used a spectrum to break HDCP lol

SSL is a protocol that encrypts data over the internet for security reasons. Let's say, it carries your credit card number over the net in a secure way. You can tell that you're on a secure connection when the address changes to "https://"

What this fellas did with the PS3s would let someone attack a secure connection without the user or the browser noticing.

This was the true purpose of teh Cell!

The MD5 security algorithm has been compromised for a long time. Any new application still using it is asking for trouble.

From wikipedia:

In 2004, more serious flaws were discovered making further use of the algorithm for security purposes questionable.^[2][3] In 2007 a group of researchers including Arjen Lenstra described how to create a pair of files that share the same MD5 checksum.^[4] In 2008 a group of researchers used MD5 collisions to fake SSL certificate validity.^[5]

As for this specific attack, there are not many details on how they did it yet. I wonder if they couldn't have used GPUs as well, which are faster and quite flexible when programmed with things like Nvidia's CUDA. There are already implementations of MD5 cracking with GPUs:

http://bvernoux.free.fr/md5/index.php

In simple terms, SSL (Secure Socket Layer) is the protocol used to establish a secure, encrypted connection over the web. A Certificate is used by a website to identify itself to the end user's browser. A CA is a Certification Authority. Any certificate encoded by and provided by a trusted CA (such as Verisign) is assumed by the web browser to be authentic and proves to the browser that the website is who it claims to be (aka, Bank Of America's website is actually legit and not trying to steal your info). If hackers break the encoding algorithm of the legitimate CA's, they can create fake certificates that will be accepted by web browsers, making it more difficult for an end user to detect a phishing website because they will get no certificate warning.

For example: The hackers could create a fake Bank of America website that looks just like the real thing, but call it www.boa.com and give it a certificate that claims to verify the site is owned by Bank of America and verified by VeriSign. They could then send out a mass spam email campaign that looks to be emails from Bank Of America saying 'Check out our new website, and pointing to the fake site. Browsers would not warn the end users that the site may be fake because the certificate would look just like it is legit. Unsuspecting people would then enter their account info, and the hackers would have access to countless bank accounts.

OK, I just found some details on this attack... Not much regarding how they used the PS3s though:

They performed 2^51 MD5 hashes using 200 PS3s for 18 hours, or 173 million hashes per PS3 per second.

For comparison, the previously mentioned GPU algorithm calculates 200 million hashes per second (Configuration: GeForce 8800GT and Core2Duo E6750 using one core)

http://www.win.tue.nl/hashclash/rogue-ca/

What would be impressive is if Sony could figure out how to harness that power to crack Microsoft's bank account... they need the money, and it would be nice if the gaming division actually made them some money this generation.

 well the gaming division did report profit last quarter so idk

Not really.

I guess the ps3 can do anything lol. Sorry were right

*oi ps3 fix me so toast now chop chop chop*