Software Integrity

Archive for June 2012

 

Securing password digests -or- How to protect lonely unemployed radio listeners

As we’re prone to say, “much ink has been spilt over the release of password digests” from LinkedIn and others. I’m, as is typical, profoundly disappointed in that amount of misinformation I’ve heard in security folks’ commentary on the problem and the underlying workings of digests, HMACs, and so forth. This blog entry represents a […]

Continue Reading...

Posted in Threat Modeling | Comments Off on Securing password digests -or- How to protect lonely unemployed radio listeners