The attacks target weaknesses in the hash algorithms that permit multiple hash collisions to take place.
Ruby On Rails, Mozilla and others have moved to a new hash built by the researchers who found the hole. Java has not."
Link to Original Source
Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.
"The algorithm to do that is extremely nasty. You might want to mug someone with it." -- M. Devine, Computer Science 340