Des (deskitty) wrote,

  • Mood:
  • Music:
I had some odd dreams last night. One was about fixing ensuing's computer (and yes, that is odd for me to have a dream about). The other was about waking up (this morning) to find that elvendude had IMed me and my AIM client had somehow managed to sprout some rudimentary AI, figure out it was him, add him to my buddy list and give him the right nickname (my system for assigning nicknames to people is inconsistent and only makes vague sense).

I find the concept of an AIM client with artificial intelligence to be vaguely disturbing. Suppose it started having my conversations for me? That could get messy.


I woke up (actually woke up, as opposed to "woke up" in a dream) to this in my inbox this morning. This probably isn't much to worry about, at least for now ... but part of computing is understanding the risks. [Read it before you go any further.]

Now, hashing is not the same as cryptography. So if you use, say, SSL to send your credit card over to Amazon, or PGP to encrypt email to your SO ... you're probably still reasonably safe. (Even PGP signatures are safe, because those use SHA1, which is a different--and stronger--algorithm which hasn't yet been broken.)

However, a lot of password systems (including most standard Linux boxen) use MD5. As far as I can tell from looking at their current CVS sources, LiveJournal uses MD5 for storing passwords internally.

But, for the most part, people don't need to worry. Those MD5 hashes are most often stored in a reasonably-protected database behind a firewall. So it would be very difficult for an attacker to even get the hash in the first place. And really, if someone can get enough access to LJ's database to get your password hash, they can probably read all your private entries anyway so it doesn't really matter.

-- Des

  • (no subject)

    Well, I'm off to Dreamwidth. I hope to see you all there! Nice knowing you, LJ. It's been grand. — Des

  • A fresh start?

    So I'm thinking of moving away from LJ. Every time I glance at my ad blocker, there are an uncomfortably-large number of advertising and tracking…

  • 2012: Ramp It Up

    It’s that time of the year again -- another year has passed, and as usual, I don’t finish reflecting on it until the first 3 months of the following…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded