Date: Fri, 29 Dec 2006 11:14:31 +1300 From: Russell Fulton <r.fulton@...kland.ac.nz> To: john-users@...ts.openwall.com Subject: Re: is it allowed to ask help to crack 1 or 2 HASH in this list ? Solar Designer wrote: > Oh, I've actually rejected a posting with an excerpt from a likely > stolen password file with some easily crackable hashes. The message > claimed that those hashes were hard to crack, which was not true. What > do others think - should this kind of postings be allowed, too, such as > to provide test material (although there's plenty of it available with > Google if you use the right keywords)? Should the moderators bother to > check whether the hashes are in fact not trivial to crack before > accepting or rejecting a posting? I certainly don't expect to always > have the time for that. > The posting of hashes for others to crack is obviously open to abuse. I don't have strong feelings about whether or no the list should allow such posts bit admit that the feelings that I do have lean towards saying no. My main reason for this is that I really don't see what use these posts are to anyone and I certainly agree with the poster who said that if they ever cracked any hash posted here they would never return the result. I do feel (quite strongly) that if the list does accept hashes then we should accept all hashes. As Solar says the moderators won't always have time to check that hashes posted are indeed difficult to crack. If we start screening hashes then an expectation is established that screening will take place -- this could theoretically have legal implications if some trivial stolen hashes were posted here, not checked by the moderators and subsequently broken and then used. It could be argued that the moderators where negligent. Russell -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ