home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.os.linux.mandriva      Somewhat decent but also getting bloated      29,919 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 28,150 of 29,919   
   unruh to Bit Twister   
   Re: [OT] name of sys conf file containg    
   09 Jun 12 21:20:12   
   
   From: unruh@invalid.ca   
      
   On 2012-06-09, Bit Twister  wrote:   
   > On Sat, 09 Jun 2012 14:40:46 -0400, David W. Hodgins wrote:   
   >>   
   >> Check the article again. This issue isn't with the linux user passwords,   
   >> which stopped using md5 years ago, the problem is with some applications,   
   >> usually written in php, which still default to md5.   
   >   
   > I think the basic password problem was no salt was used :(   
   > The real problem was how did the crackers get the file in the first place.   
      
   Defence in depth.   
   The secrecy of the password hashes was never the front line of defence.   
   It was a preliminary skirmish wall. The main defence was to make sure   
   that a) the hash was sufficiently strong that only brute force could be   
   used, and b) make the passwords sufficiently complex that brute force   
   fails. It was the latter that failed.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca