Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Imgur Hacked, Thinks SHA-256 Brutable, No One Cares Because It's Just Imgur
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Imgur Hacked, Thinks SHA-256 Brutable, No One Cares Because It's Just Imgur

raindog308raindog308 Moderator
edited November 2017 in General

image

Thanked by 1Saragoldfarb

For LET support, please visit the support desk.

Comments

  • RayhanRayhan Member, Provider
    edited November 2017

    OMG!

    Why did you create an imgur account?

    Thanked by 2WSS dedicados

    SPUZE LTD - SSD Web Hosting, Domains, Servers & SSL Certs

  • "Rapist thinks womens underwear is self-undressing".

    My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

  • pikepike Member
    edited November 2017

    @Rayhan said:
    Why did you create an imgur account?

    Because people want to delete their posts after some time. Or add more pictures to a post, etc.

  • user54321user54321 Member
    edited November 2017

    sha256 without salt (SHA Secure Hash Algorithm, i don't get why they first write about encryption although they know that it is a hash algorithm). Yes they are right about that your password is now known with your email.

  • jarjar Provider

    Well there goes the privacy of my publicly shared screenshots.

    Thanked by 1Maounique
  • YuraYura Member
    edited November 2017

    @jarland said:
    Well there goes the privacy of my neatly stashed away Taylor Swift's images

    ftfy

    Thanked by 4jar WSS Ympker Aluminat
  • Lol; privacy.

    |||| $8? 🥔🥔 Markdown on Potatoes.

  • user54321 said: sha256 without salt (SHA Secure Hash Algorithm, i don't get why they first write about encryption although they know that it is a hash algorithm). Yes they are right about that your password is now known with your email.

    Yes, their phrasing is incompetent. They did not "encrypt my password" in their database so it can't be "cracked", etc.

    And how is it someone who has their database has my password? That could only be if

    • my password was stored in plain text
    • they implemented the system poorly (short max length, no salt, etc.)

    And how did rapists enter the picture?

    Yura said: @jarland said: Well there goes the privacy of my neatly stashed away Taylor Swift's images

    Jar, you should know that she did not really pose for Hustler and those pics are shopped.

    Thanked by 2Yura jar

    For LET support, please visit the support desk.

  • jarjar Provider

    raindog308 said: Jar, you should know that she did not really pose for Hustler and those pics are shopped.

    You take it back right now! I will ban someone every half hour until you do, starting with @jbiloh, and he won't like that.

    Thanked by 1Yura
  • nobody should care anyway is just a public images hosting.

    That will not stop the usual /r/tits user from using the service anyway.

  • deankdeank Member, Troll

    The end must be nigh.

    I have not created a single thread. Verify it if you dare.

  • I wonder who's mind it'll blow if I mention that Bcrypt is also brutable...

  • jarjar Provider
    edited November 2017

    Meh who cares, not like anyone used a password there that they also used elsewhere.

    ... Right? ;)

    Actually think I used one that's in a public database already. Guess that means free uploads to whoever gets it!

  • @jarland said:
    Meh who cares, not like anyone used a password there that they also used elsewhere.

    ... Right? ;)

    Actually think I used one that's in a public database already. Guess that means free uploads to whoever gets it!

    FREE UPLOADS? THAT'S WELL WORTH WAITING IN LINE!

    Thanked by 1Hxxx
  • jackbjackb Member, Provider
    edited November 2017

    @raindog308 said:
    And how is it someone who has their database has my password? That could only be if

    • my password was stored in plain text
    • they implemented the system poorly (short max length, no salt, etc.)

    I'd disagree here. Salt will be contained in the database that was breaches.

    Even a strong hashing method with a good salt is only as strong as the password itself. Given time and CPU power, your password will eventually be discovered.

    The existence of unique salts does mean no rainbow tables, so it is probably not worthwhile (assuming a sensible number of iterations, time and cpu cost far > potential benefit) for an attacker to bother trying to get passwords, but certainly not impossible.

    Afterburst - Awesome OpenVZ&KVM VPS in US+EU

Sign In or Register to comment.