The US Cyber command, a new … er … entity in the US that, er … will protect us … somehow … has an interesting seal. On that seal is a “cipher” of some sort.
Well that “cipher”, 9ec4c12949a4f31474f299058ce2b22a appears around the inner ring of the seal.
Wired noticed this and had a contest to de-cipher it.
The Register noticed this, and, as all deep techies might say, ya know, it looks a heckuva lot like an md5 hash of something. Well, they figured it out. It is an md5 hash of the Cyber command mission statement.
Everyone feels good right now … mysterious cipher solved.
But … I would expect … no … I would demand … that the Cyber corps know, beyond a shadow of a doubt, that md5 hashes shouldn’t be trusted.
Um …. HELLO? Anyone there? Using a hash that the government specifically indicates should not be used … on your seal? Exactly what is it you are telling us?
I hope that the techies in the Cyber command were yelling at the folks building the seal logo, so that at least somewhere … somewhere … there is a record (likely clearance required) that says “hey, we aren’t advertising open barn doors, are we?”
This one … yeah … its as bad as the “Office of the President Elect”. Possibly worse, as the OPE was simply farcical; this could signal something far more dangerous … people in high places making important decisions without an adequate understanding of the decisions, or the impact upon the country of such decisions.
Why not use an unbroken hash? Or better yet, as many hashes will eventually be broken given sufficient computing power, why not leave it off entirely?
I won’t start speculating about “whats next” from this group. Lets hope that seal v2.0 makes its appearance with the hash gone from the interior ring.