back to article Facebook has stopped SHA-ring, a year later than it promised

Facebook's quietly taken its SHA-1 certificates out behind the data centre with an electrified degaussing machine. The SHA-1 hashing algorithm was declared unreliable back in 2005. By 2010, hackers cracked a password hashed with SHA-1 using just US$2 of resources rented from Amazon Web Services. In 2015 researchers blew the …

  1. gerdesj Silver badge

    "the company was worried that some of its users accessed its services on devices that devices could not support TLS certificates that improve on SHA-1."

    It is possible to detect rubbish devices and pass them via a landing page that describes their problems before content delivery. I'm not sure of the exact mechanism but I've spent enough time with HA proxy to know that it will be possible.

    Any sysadmins out there not familiar with HA proxy ... should be.

    1. Boothy Silver badge

      I'm curious as to who these 'users' are.

      Are these people that are still using IE6 on XP or something?

  2. Baldy50

    Wojciech Wojtyniak

    What no middle name?

  3. W4YBO

    Oh good...

    Just in time!

  4. PM2

    30 November message

    So is this the real reason why the native messaging app on my BlackBerry Z10 received a message from Facebook to say that they were no longer supporting it?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021