How the Bible and YouTube are fueling the next frontier of password cracking
2 posters
Page 1 of 1
How the Bible and YouTube are fueling the next frontier of password cracking
http://arstechnica.com/security/2013/10/how-the-bible-and-youtube-are-fueling-the-next-frontier-of-password-cracking/
amfl8r- Posts : 747
money : 789
bitches : 5
Join date : 2013-10-07
Age : 27
Humor : le shoehorn
Re: How the Bible and YouTube are fueling the next frontier of password cracking
nerd blaster wrote:http://arstechnica.com/security/2013/10/how-the-bible-and-youtube-are-fueling-the-next-frontier-of-password-cracking/
jesus fucking christThe fact that they're using md5 instead of sha doesn't help either. I wouldn't say it's all laziness though. Most likely it's ignorance. After interviewing dozens of web developers I find about 1 in 5 is even aware of common web vulnerabilities like SQL Injection, XSS and CSRF so the fact that they don't know to salt their passwords doesn't surprise me.All of this is caused by developers being lazy and not salting passwords. You can't apply a dictionary attack to a password hash if the hash has an unknown string hashed in with it. Key stretching (bcrypt) and cryptographically secure random number generators for salts are the only way to prevent this properly. All the stuff is out there, and it's just plug and play these days. There's no excuse for weak password storage anymore.
amfl8r- Posts : 747
money : 789
bitches : 5
Join date : 2013-10-07
Age : 27
Humor : le shoehorn
Re: How the Bible and YouTube are fueling the next frontier of password cracking
yup most web devs are kids who grew up when the internet was gaining prominence so their experience and knowhow boils down to remembering a script they copied and pasted back in 2002
when all of your knowledge is based on internet tutorials you don't learn anything except how to be retardedly insecure this is why retards in thirdworldlandia can deface websites with shitty security but not access government/military databases
when all of your knowledge is based on internet tutorials you don't learn anything except how to be retardedly insecure this is why retards in thirdworldlandia can deface websites with shitty security but not access government/military databases
LEADER OF THE FREE WORLD- UNSTOPPABLE
- Posts : 21233
money : 2147483634
bitches : -828
Join date : 2013-02-25
Age : 14
Location : worlds most dangerous hacker
Humor : bench 420 squat 420 deadlift 420
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum