Sub Zero 992 - Slashdot User

Comment Re:not md5, bcrypt (Score 1) 259

by Sub Zero 992 on Friday September 25, 2009 @12:49PM (#29540995) Attached to: ISP Mistakenly Emails Customer Database To Thousands

Hi,

Well, the choice of algorithm is important. MD5 is a bad choice.

And yes you're right, if the password is weak, and the website provides no protection against brute force attacks over HTTP, then it remains a weak password. And resetting the password is a problem which has been mostly solved, you send the person a token by email or sms to their pre-validated account, with which they can create a new password.

Cheers

Comment not md5, bcrypt (Score 1) 259

by Sub Zero 992 on Thursday September 24, 2009 @11:27AM (#29529283) Attached to: ISP Mistakenly Emails Customer Database To Thousands

You are right about not being a database / web guru.
MD5 is the wrong hash algorithm, you want to look at bcrypt.

Submission + - CCC Hackers hardhack DECT telephones (heise.de)

Submitted by

Sub Zero 992

on Tuesday December 30, 2008 @07:26AM

Sub Zero 992 writes: "Heise Security (article in German) is reporting that at this year's Chaos Communications Congress (25C3) researchers in Europe's dedected.org group have published an article (pdf) showing, using a PC-Card costing only EUR 23, how to eavesdrop on DECT transmissions. There are hundreds of millions of terminals, ranging from telephones, to electronic payment terminals, to door openers, using the DECT standard. Is this a security nightmare in the making?"

Comment Re:Which is it? (Score 4, Informative) 229

by Sub Zero 992 on Monday January 28, 2008 @06:43AM (#22206322) Attached to: Speculation On the Doomed Satellite

Well, your options are not mutually exclusive.

Most likely:

a) its solar wings failed to deploy
b) it is therefore in deep sleep
c) what goes up (and remains within the Hill Sphere) must come down

ymmv

Slashdot Top Deals