New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Imgur Hacked, Thinks SHA-256 Brutable, No One Cares Because It's Just Imgur
raindog308
Administrator, Veteran
Thanked by 1Saragoldfarb
Comments
OMG!
Why did you create an imgur account?
"Rapist thinks womens underwear is self-undressing".
Because people want to delete their posts after some time. Or add more pictures to a post, etc.
sha256 without salt (SHA Secure Hash Algorithm, i don't get why they first write about encryption although they know that it is a hash algorithm). Yes they are right about that your password is now known with your email.
Well there goes the privacy of my publicly shared screenshots.
ftfy
Lol; privacy.
Yes, their phrasing is incompetent. They did not "encrypt my password" in their database so it can't be "cracked", etc.
And how is it someone who has their database has my password? That could only be if
And how did rapists enter the picture?
Jar, you should know that she did not really pose for Hustler and those pics are shopped.
You take it back right now! I will ban someone every half hour until you do, starting with @jbiloh, and he won't like that.
nobody should care anyway is just a public images hosting.
That will not stop the usual /r/tits user from using the service anyway.
The end must be nigh.
I wonder who's mind it'll blow if I mention that Bcrypt is also brutable...
Meh who cares, not like anyone used a password there that they also used elsewhere.
... Right?
Actually think I used one that's in a public database already. Guess that means free uploads to whoever gets it!
FREE UPLOADS? THAT'S WELL WORTH WAITING IN LINE!
I'd disagree here. Salt will be contained in the database that was breaches.
Even a strong hashing method with a good salt is only as strong as the password itself. Given time and CPU power, your password will eventually be discovered.
The existence of unique salts does mean no rainbow tables, so it is probably not worthwhile (assuming a sensible number of iterations, time and cpu cost far > potential benefit) for an attacker to bother trying to get passwords, but certainly not impossible.