lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Nov 2013 13:36:10 +0100
From: Krisztián Pintér <pinterkr@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Adobe stored 130 million passwords using 3DES/ECB mode


let me point out that the hacked system is a legacy system that is
scheduled to be rolled out.

if there is anything to learn from this story, it is that we don't
want legacy systems to be around. old crypto has to be rolled out as
soon as possible. we need to be flexible and up to date. even if it
costs us.


Tony Arcieri (at Friday, November 1, 2013, 7:34:33 PM):
> Possibly the biggest password disaster in history:
> http://arstechnica.com/security/2013/11/how-an-epic-blunder-by-adobe-could-strengthen-hand-of-password-crackers/


Powered by blists - more mailing lists