* Posts by Zama

3 publicly visible posts • joined 31 Jan 2014

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more

Zama

Would you mind shedding some light on what "quirky c++ methods" are and why they're so hard to port?

Yahoo! Mail! users! change! your! passwords! NOW!

Zama

Re: Honest Question

Sally has an account with Yahoo. She doesn't have much of an imagination, and uses the name of her dog as a password. She then downloads a new version of some Adobe product, which requires registration. So she supplies her yahoo email address and, foolishly, the same password that she uses for that account. When the Adobe database is hacked, the attackers know that this sort of behaviour is rife and they use the Adobe details to try and break into the Yahoo account. Chances are good that they'll succeed with a moderately high proportion of users. Yahoo were not at fault in this scenario

Zama

Re: ThirdParty + PlainText Passwords ?

Doesn't sound like Yahoo did anything wrong. If anybody should be shot, it's the users who used the same password on multiple sites. And there's no evidence that clear-text passwords were stored anywhere. Software like John the Ripper and hashcat will make short work of salted and hashed password files.