rocketpig said: You don't really understand how encryption works. You need the key. The key changes. |
You can always crak the encryption given enough time. Give it a few weeks to potentially years and they can get what the password used to be.
rocketpig said: You don't really understand how encryption works. You need the key. The key changes. |
You can always crak the encryption given enough time. Give it a few weeks to potentially years and they can get what the password used to be.
Gnizmo said:
Also you might want to read my statements. I never said other companies always told people up front. I made a specific point not to claim that. Many other companies delayed informing people. Most don't. Those that do should be slammed for failing to mention it, because they fucked up. |
You really don't understand the word worse do you
Gnizmo said:
|
Where did Sony admit that? And the passwords could have just been stored in the same database which the hacker just mined for everything he could get doesn't mean the passwords are useful to him if he took them
Gnizmo said:
You also kill another of your points. You try to claim there was a lack of response similar to Sony's, but then go on to state the hack wasn't discovered. Do you see the link there? You can't report a data leak you don't know about. Unless it is discovered there is no way to inform the public. The fact that it wasn't discovered in other cases is big news on its own, but linked to the other info as you have it all it does is invalidate more of your response. |
So you don't understand the word most now either?
Gnizmo said:
|
Exactly. Without breaking the encryption immediately (or within whatever specified timeline used by the key), it's useless.
Or check out my new webcomic: http://selfcentent.com/
rocketpig said: They admitted that passwords were unencrypted? Jesus Christ. FUCKING WORDPRESS USES ENCRYPTION FOR COMMENTING. Fuck off, Sony. Seriously. Just retarded. |
"Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."
I am constantly amazed that anyone in IT would allow unencrypted passwords. I just don't get what they are thinking. There is no benefit to storing that shit in plain text.
rocketpig said:
You don't really understand how encryption works. You need the key. The key changes. |
You don't need the key, you can break it without the key
imaprettyhotguy said: You really don't understand the word worse do you |
I do, but you have nothing to back it up. Where is this worse PR? Show it to me. As for your question about the encryption info, well you might want to check the PS blog agan. Do you need another link?
imaprettyhotguy said:
You don't need the key, you can break it without the key |
And it would be useless because the key changed.
Or check out my new webcomic: http://selfcentent.com/
Gnizmo said:
|
Un-fucking-believable.
I've done more work than I care to count in databases using MySQL, MSSQL, and Fox Pro. Never ONCE have I seen a password field unencrypted.
Or check out my new webcomic: http://selfcentent.com/