Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Man-in-the-middle attack on GitHub in China

Matt Mackall mpm at selenic.com
Wed Jan 30 23:37:28 PST 2013


On Wed, 2013-01-30 at 23:30 -0800, x z wrote:
> 2013/1/30 Matt Mackall <mpm at selenic.com>
> 
> > On Wed, 2013-01-30 at 13:15 -0600, Matt Mackall wrote:
> > > On Wed, 2013-01-30 at 09:55 -0800, x z wrote:
> > > > @Nadim, I think breaking in a CA is a rather serious crime that GFW
> > would
> > > > refrain from committing;
> > >
> > > Unlike, say, breaking into the Tibetan government-in-exile, Google and
> > > hundreds of other companies?
> >
> > From today's news:
> >
> >
> > https://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html
> >
> > Interesting. The following from this article is alarming:
> 
> "Security experts found evidence that the hackers stole the corporate
> passwords for every Times employee and used those to gain access to the
> personal computers of 53 employees, most of them outside The Times’s
> newsroom."
> 
> Does Times store these passwords in plain text?

Probably not, but it no longer matters. The state of the art in password
cracking has massively improved in the past few years and most hashed,
salted passwords are no longer safe.

-- 
Mathematics is the supreme nostalgia of our time.





More information about the liberationtech mailing list