Re: Use SHA-2 by default instead of MD5 for password encrypting

2010-12-28 Thread Ilya Kaliman
By the way, here is a nice article about why general purpose hash functions are bad for hashing passwords: http://codahale.com/how-to-safely-store-a-password/

Ilya.

On Wed, Dec 29, 2010 at 9:25 AM, Bruce Dubbs wrote:
> William Immendorf wrote:
>> Let's face it: MD5, while it might be more than

Re: Use SHA-2 by default instead of MD5 for password encrypting

2010-12-28 Thread William Immendorf
On Wed, Dec 29, 2010 at 12:25 AM, Bruce Dubbs wrote:
> You are probably right about shadow, but the main reason for the
> checksums for package downloads is to provide data integrity, not
> security. The better way for ensuring a package has not been
> intentionally modified is to use digital sig

Re: Use SHA-2 by default instead of MD5 for password encrypting

2010-12-28 Thread Bruce Dubbs
William Immendorf wrote:
> Let's face it: MD5, while it might be more than plain old DES, it is a
> weak algorithm to encrypt your passwords with. To give you proof, in
> 2008, researchers demonstrated that MD5 is very weak to collision
> attacks, and can create false data that appears to be trustw

Use SHA-2 by default instead of MD5 for password encrypting

2010-12-28 Thread William Immendorf
Let's face it: MD5, while it might be more than plain old DES, it is a weak algorithm to encrypt your passwords with. To give you proof, in 2008, researchers demonstrated that MD5 is very weak to collision attacks, and can create false data that appears to be trustworthy. For proof: http://www.kb.