Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 27 Oct 2017 13:25:48 +0300
From: Alex Smirnoff <ark@...ex.net>
To: "e@...tmx.net" <passwords@...ts.openwall.com>, passwords@...ts.openwall.com
Subject: Re: from Usenix

I also wonder why they mention modern pbkdf's just briefly, if at all.

Sent from my BlackBerry 10 smartphone.
  Original Message  
From: e@...tmx.net
Sent: Friday, October 27, 2017 11:37
To: passwords@...ts.openwall.com
Reply To: passwords@...ts.openwall.com
Subject: Re: [passwords] from Usenix

On 10/26/17 14:38, ArkanoiD wrote:
> https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-lai.pdf

this is nothing more than shitty BLAME SHIFTING!!!

since the user logs in with normal password auth procedure,
someone has to deal with the password auth anyway!

the entire article can be safely and losslessly truncated to:

Let's make another server store the passwords and we can talk how 
beautifully our server can avoid storing passwords.

THIS IS WORSE THAN NOTHING!
it consumes my time and energy (by reading this hollow pseudo-science)
it devalues the research and gives bad name to science
IT INCREASES THE ATTACK SURFACE.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ