Date: Fri, 27 Oct 2017 13:25:48 +0300 From: Alex Smirnoff <ark@...ex.net> To: "e@...tmx.net" <passwords@...ts.openwall.com>, passwords@...ts.openwall.com Subject: Re: from Usenix I also wonder why they mention modern pbkdf's just briefly, if at all. Sent from my BlackBerry 10 smartphone. Original Message From: e@...tmx.net Sent: Friday, October 27, 2017 11:37 To: passwords@...ts.openwall.com Reply To: passwords@...ts.openwall.com Subject: Re: [passwords] from Usenix On 10/26/17 14:38, ArkanoiD wrote: > https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-lai.pdf this is nothing more than shitty BLAME SHIFTING!!! since the user logs in with normal password auth procedure, someone has to deal with the password auth anyway! the entire article can be safely and losslessly truncated to: Let's make another server store the passwords and we can talk how beautifully our server can avoid storing passwords. THIS IS WORSE THAN NOTHING! it consumes my time and energy (by reading this hollow pseudo-science) it devalues the research and gives bad name to science IT INCREASES THE ATTACK SURFACE.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ