Weekly Update 386
2024-2-9 14:55:32 Author: www.troyhunt.com(查看原文) 阅读量:19 收藏

Somehow, an hour and a half went by in the blink of an eye this week. The Spoutible incident just has so many interesting aspects to it: loads of data that should never be returned publicly, awesome response time to the disclosure, lacklustre transparency in their disclosure, some really fundamental misunderstands about hashing algorithms and a controversy-laden past if you read back over events of the last year. Phew! No wonder so much time went on this! (and if you want to just jump directly to the Spoutible bits, that's at the 8:50 mark)

Listen on Apple Podcasts

Get it on Google Play

Download via RSS

References

  1. Sponsored by: Got Linux? (And Mac and Windows and iOS and Android?) Then Kolide has the device trust solution for you. Click here to watch the demo.
  2. I'll be speaking at NDC in Sydney next week (it's all about "How I Met Your Data")
  3. I'll also be at the Azure Sydney User Group (this one is "Cloud-Enhanced Cybersecurity Tales from the Dark Web")
  4. Spoutible's spurted deluge of personal data (how much data does it need to be before it's a deluge? 🤔)
  5. There are a lot more nuances to hashing algorithms than what many people seem to realise (perhaps most notably is that the strength of the password itself plays an enormous part in how likely a hash is to be cracked)
Weekly update

文章来源: https://www.troyhunt.com/weekly-update-386/
如有侵权请联系:admin#unsafe.sh