Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ubuntu Forum Security Breach

samzenpus posted about a year ago | from the protect-ya-neck dept.

Ubuntu 108

pinkstuff writes "There has been a major security breach of the Ubuntu Forums database. Every user's email address and salted password has been taken. From the forum home page: Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP. Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."

Sorry! There are no comments related to the filter you selected.

Don't worry.... (-1, Troll)

OutOnARock (935713) | about a year ago | (#44376461)

It was the NSA....

Re:Don't worry.... (-1, Troll)

dunng808 (448849) | about a year ago | (#44376509)

I recall when open-source software was deemed secure. Windows was the paper tiger. What happened?

Open SORES "FUD" @ /. failed is what... apk (-1, Troll)

Anonymous Coward | about a year ago | (#44376645)

Android only proves it more! Little /. noobz tried their bs for YEARS on that note (anyone that's been around here for awhile knows it for Pete's sake) & yes - being young noobz they didn't have enough experience and history in this field to realize their crap would fail in the end!

What I find funnier than hell is that Android (yes, uses a Linux core & is therefore a Linux, because it's sure as hell isn't Windows or MacOS X)?

ANDROID's being infected/infested/attacked FASTER than Win3.x-9x were in the same timeframe.

Also, lastly: A guarantee (lol) that MY POST will be downmodded, just for "telling it how it is" around here... can't have THAT!

Since "the big 'fix'" is in EVERYWHERE? NSA-style "damage control" will take place... the "situation must be contained"... via downmod vs. my facts.

APK

P.S.=> Mr. Torvalds & crew - nothing against you guys: YOU do a decent enough job & your OS project is what I call a "socio-technological" marvel actually - it's proof folks the world over CAN work together to produce something decent enough... I do have issue with bullshitters who try "FUD" though as went on here for YEARS of "Linux = Secure, Windows != Secure" when ANY OS can be secured quite well...

apk

Re:Open SORES "FUD" @ /. failed is what... apk (0, Insightful)

Anonymous Coward | about a year ago | (#44378409)

Ok colorful language from a known troll. But the points are still valid. Why the down mods?

Re:Open SORES "FUD" @ /. failed is what... apk (0)

tbird81 (946205) | about a year ago | (#44378579)

He hurt their feelings.

I spoke truth (everyone knows it)... apk (-1)

Anonymous Coward | about a year ago | (#44379791)

Downmodder = you, then posting as AC - who's the troll? You are.

* What makes you call me a troll? Seriously! I am curious on THAT account... IF it's what I *think* it is, then you have a hell of a surprise coming!

(Plus, the day you've done the things I have in the art & science of computing, that I strongly wager I did while a "ne'er-do-well" like yourself was in diapers, is the day you can even BEGIN to speak to me thus...)

APK

P.S.=> At least you admit my points are valid, but I'm no cowardly little troll like yourself... far from it!

... apk

Re:I spoke truth (everyone knows it)... apk (0)

Anonymous Coward | about a year ago | (#44380711)

Actually you are a troll, you're posting intentionally inflammatory comments just to rub the fact that you were right in people's faces and that you're far superior to everyone else. You may not be intending to be one, but you most certainly are coming off as one. If you're not trying to be a troll, then your social skills could use improvement, so that they could be on par with your claimed technological abilities.

You're also wrong in general, insofar as general architectural choices in the softwares you brought up, most people ./ included have admitted Windows 7 was a dramatic improvement in security and usability. The biggest complaint against MS right now is deliberate design choices that seem to be made to exclude business and desktop users. A few years ago, sure your point was valid, but in general, OOTB Linux is more secure than Windows, Android is fairly secure, though there have been breaches, most are social engineering hacks, where the apps just ask for elevated permissions and users give them away without reading.

If your point is, as I believe it to be, that all operating systems are only as secure as those who use them, then you could have worded it far more eloquently without being trollish and you may have even gotten a few people to see your point. As it is, you talk a big game, can't back it up(since you post as an AC), and just come off as a childish braggart. Also one last thing, just because you're proficient at something doesn't mean you can't be a troll, regardless of when anyone else was in diapers. Me personally I started in the days of baud rates, when dedicated computer modems just came out. If you've been the techno god you claim to be since then, and you're still having trouble elucidating your point, the problem is on you, not on others.

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44376667)

Ubuntu got popular enough that little script kiddies thought it would be a nice boost to his ego to hack it.

Dupe story (4, Insightful)

BrokenHalo (565198) | about a year ago | (#44376943)

I don't know about Ubuntu being that popular, but this story seems to be. We had this one on /. only four days ago. Editors asleep at the wheel again... :-|

Re:Dupe story (1)

Anonymous Coward | about a year ago | (#44378179)

the story should be that the ubuntu forums *are still offline* - going on five days now.

Re:Dupe story (2)

HJED (1304957) | about a year ago | (#44378473)

and that the attackers have apparently managed to decrypt to passwords, causing another forum breach: here [simplemachines.org]

Re:Don't worry.... (1)

Tarlus (1000874) | about a year ago | (#44377107)

Script kiddies don't hack.

Re:Don't worry.... (0, Funny)

Anonymous Coward | about a year ago | (#44376831)

Ubuntu is the Windows of operating systems.

Re:Don't worry.... (5, Informative)

Anonymous Coward | about a year ago | (#44377267)

The Ubuntu forums run on vBulletin, a proprietary solution. Nothing open-source about it.

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44378109)

if they can't patch vbulletin, how can we trust them to patch our servers?

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44379411)

herp derp all php source is open. herp derp.

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44380565)

Herp derp vBulletin is proprietary, so even if you find the bugs by inspection you can't fix them. Herp derp.

Re:Don't worry.... (1)

Anonymous Coward | about a year ago | (#44379669)

The source was available to them right? So they could have audited it for security problems. So why didn't they detect the problems? Not enough resources allocated? Not enough talent? Same problem goes for OSS.

Skilled eyes are magnitudes better at spotting security bugs. How many skilled eyes are really looking at open source stuff AND working to get it fixed compared to the number of skilled eyes who are looking at it and keeping the exploits for their benefit.

The security of OSS is overrated. There are limits to what they can do in practice due to users and usability[1] - for example the apparmor profile for firefox etc are disabled by default, and the default profiles are also quite lax (firefox with apparmor enabled can still access most of the files in the HOME directory)

[1] and that's the main security problem for Windows too.

Re:Don't worry.... (2)

LordLimecat (1103839) | about a year ago | (#44377647)

What happened is that you apparently dont know the difference between operating system vulnerabilities, and someone gaining unauthorized access to a forum.

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44378449)

What happened was that the PROPRIETARY software on which the forum was based, got hacked.

Re:Don't worry.... (1)

russbutton (675993) | about a year ago | (#44380485)

Nothing "Happened". *No* operating system is 100% secure, especially when humans are involved. At the place where I work, people send around user names and passwords in e-mail. Twice I've sent out notes to the entire company admonishing them to not do that and why, but the practice continues.

Beyond simply the operating system, you've got vulnerabilities in things like .net and java.

http://technet.microsoft.com/en-us/security/bulletin/ms13-040 [microsoft.com]
http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-3091/Microsoft-Asp.net.html [cvedetails.com]
http://www.oracle.com/technetwork/topics/security/alerts-086861.html [oracle.com]

If you really believe that Windows is just as secure as Linux, then go ahead believing that. You're going to anyway.

Re:Don't worry.... (0)

Anonymous Coward | about a year ago | (#44376549)

If it was the NSA, then maybe I wouldn't have to worry about the asshole who hacked the forums trying to get some brownie points to enhance his 1337 status with his kiddie hacker buddies by posting my (among millions of others') e-mail address to a public web site for all the spammers to jizz all over. At least the NSA would keep it secret, and you'd probably never know they did a thing.

Re: Don't worry.... (0)

Anonymous Coward | about a year ago | (#44376771)

Enh, maybe said spammers won't be able to decode what marketable opportunities Ubuntu users are into (Steam?) and leave those emails be. One hopes.

Re: Don't worry.... (0)

Anonymous Coward | about a year ago | (#44376907)

I'm pretty sure with porn and penis pills, these are prime leads.

Re: Don't worry.... (0)

Anonymous Coward | about a year ago | (#44377415)

I'm pretty sure with porn and penis pills, these are prime leads.

Wait wait WHAT?! You can get penises in PILLS now? Wow. The Mac users will love the convenience!

Re:Don't worry.... (1)

Dunbal (464142) | about a year ago | (#44376735)

NSA don't need to hack the forums. They've got all the packets in and out of the servers saved on a disk. Not to mention a back door into the servers.

Dupe from 3 days ago (3, Insightful)

slimjim8094 (941042) | about a year ago | (#44376469)

Dupe of http://it.slashdot.org/story/13/07/21/0318243/ubuntuforumsorg-hacked [slashdot.org]

Posting anon so no karma whoring

Re:Dupe from 3 days ago (2)

slimjim8094 (941042) | about a year ago | (#44376487)

Weird, it showed the checkbox as checked for me...

Re:Dupe from 3 days ago (2)

ElementOfDestruction (2024308) | about a year ago | (#44376691)

Turns out you use the name slimjim8094 at ubuntuforums too. Maybe change your password. Now!

Re:Dupe from 3 days ago (1)

slimjim8094 (941042) | about a year ago | (#44377385)

Yes it is.

I have tiered passwords - one I use for a lot of stuff I don't care about, one I use for stuff I care about a little bit more (Slashdot is included ;) ) and unique passwords for anything "high-security" - work account, bank/anything else involving money, etc. I happened to use the "weak" password for ubuntuforums and - by definition - I don't really care if any other accounts are compromised. To put it in perspective, that's the password I use on sites that don't even hash their passwords, so the attacker getting a salted hashed password is pretty low down on my concerns. But I have reset that "weak" password anyway.

Re:Dupe from 3 days ago (1)

Psychotria (953670) | about a year ago | (#44377621)

You used a weak password for the ubuntu forums and a stronger one for slashdot? You're pretty weird, dude.

Re:Dupe from 3 days ago (0)

philip.paradis (2580427) | about a year ago | (#44378161)

You place higher value on your /. account credentials than $insert_whatever_else_here? Speaking as someone who's on his third or fourth /. account (but the first one with my actual name), I must say ...

Priorities [photobucket.com] . That is all.

Re:Dupe from 3 days ago (1)

HJED (1304957) | about a year ago | (#44378487)

BTW they have managed to decrypt the passwords, Simple Machines Forum just got hit as well because an admin used the same password on both sites.

Re:Dupe from 3 days ago (0)

Anonymous Coward | about a year ago | (#44376489)

Posting anon so no karma whoring

o_O

Re:Dupe from 3 days ago (1)

slimjim8094 (941042) | about a year ago | (#44376525)

Yeah I know... Flaky connection here, and I checked it after I clicked the preview button (by habit) and nothing happened so I clicked again. Maybe the first one (without the check) went through. I'm fine if people would rather downvote me... not short of karma

Re:Dupe from 3 days ago (1)

johnsnails (1715452) | about a year ago | (#44376563)

Why would you? It is an old story, and was rightfully pointed out by u.

"Posting anon so no karma whoring" (1)

antdude (79039) | about a year ago | (#44377961)

slimjim8094: Failed. :P

Again? (0)

Anonymous Coward | about a year ago | (#44376477)

Again? Or just news older than dirt?

Re:Again? (1)

0dugo0 (735093) | about a year ago | (#44376523)

Probably, my database dump is from late last year.

The forums are useful (1, Offtopic)

jones_supa (887896) | about a year ago | (#44376603)

During last days I have bumped to the "ubuntuforums.org is down for maintenance" message several times while googling some Linux stuff. I never realized before that I visit that site so often.

Re:The forums are useful (1)

Anonymous Coward | about a year ago | (#44377429)

During last days I have bumped to the "ubuntuforums.org is down for maintenance" message several times while googling some Linux stuff. I never realized before that I visit that site so often.

The Gentoo and Arch Linux forums much more useful if you are an experienced, competent Linux user and ran into an oddball problem. Those users really, really know their stuff.

Ubuntu forums are sadly full of noob types asking noob questions. Yes there is good info there but you'll have to wade through the "RTFM" type questions and sometimes your signal to noise ratio is very low. Of course if you actually ARE a newbie this is a plus and they are very good about steering you in the right direction in a nonjudgmental manner, but if you are not a newbie this is a big minus.

Anyone who gets offended that I dare suggest that one size does not fit all and different sites appeal to different userbases is definitely a noob :-).

Re:The forums are useful (0)

Anonymous Coward | about a year ago | (#44378381)

No mod points, but seconded. If I cannot find an answer on the Arch forums, a problem is unsolvable. :-) You can mod me offtopic now.

Re:The forums are useful (-1)

Anonymous Coward | about a year ago | (#44378835)

I've had the misfortune to wade into the UbuntuForums a few times, mostly while tracking errors. It really seems to be a case of blind leading the blind, and the answers they give really aren't usable most of the time. It's the sort of place where you see a post with subject "pulseaudio won't start," the problem really is "pulseaudio's hold on the card got usurped by ALSA and it is, in fact, outputting sound perfectly to DUMMY AUDIO," and the solution provided is "sudo chown -R 777 / ; sudo reboot", which doesn't even fix the problem, but since OP doesn't encounter the problem over the next few hours he marks the thread as FIXED, and then every other subsequent thread on Pulseaudio has a reply stating "well obviusly u didn't search bcuz u would hav seen 2 SUDO CHMOD -R 7777 / lol ;) ;) ;) ;) ;)" .

The hashes are salted (2, Interesting)

Dwedit (232252) | about a year ago | (#44376767)

The hashes are salted. Who cares about a breach with salted hashes?

Re:The hashes are salted (1, Interesting)

TWX (665546) | about a year ago | (#44376809)

That's what I'm wondering, given that's the whole point in using that method to store credentials in the first place...

I also have to question the practicality of having different passwords for all one's accounts, especially on things as nonessential as forums. Between work and things that matter I already have to remember too many passwords.

Re:The hashes are salted (1)

CastrTroy (595695) | about a year ago | (#44376895)

Why would you have to remember them? Just use something like Password Safe [sourceforge.net] or KeePass [keepass.info] to remember your passwords for you. Not only do you not have to remember your passwords, but because you don't have to remember them, you can have much longer and more complex passwords.

Re:The hashes are salted (1)

TWX (665546) | about a year ago | (#44380437)

And how does that work across multiple different and different kinds of devices exactly?

Re:The hashes are salted (0)

Anonymous Coward | about a year ago | (#44378919)

I can't remember what email address/password I used for this forum. It's not in my `lastpass` vault and as they've taken down the site there's no way of finding out.
 

Re:The hashes are salted (0)

Anonymous Coward | about a year ago | (#44379421)

I've received an email about the breach on the address I used to register.

Re:The hashes are salted (1)

Rockoon (1252108) | about a year ago | (#44376815)

Smart people?

Re:The hashes are salted (4, Interesting)

fluffy99 (870997) | about a year ago | (#44376829)

The hashes are salted. Who cares about a breach with salted hashes?

If they aren't sure of the extent of the compromise, reading salted hashes (assuming they were) might only be part of the problem. Could be they were intercepting passwords on the fly.

Re:The hashes are salted (0)

Anonymous Coward | about a year ago | (#44378117)

more email spam... The email address were plain text. Also other personal details pertaining to the email address.

Re:The hashes are salted (1)

MMC Monster (602931) | about a year ago | (#44378997)

If you have a known username and password, is it possible to derive the salt?

Re: The hashes are salted (0)

Anonymous Coward | about a year ago | (#44379419)

The salt is stored next to the password in the database, it protects against rainbow tables style attacks (which basically amount to indexing the hashes, so that only once do the months of computation need to happen to crack a hash). The key to the salt is that it's different for each password. So my password is 12345, next to it in the database is the salt 54321 (actually, probably a long random number) so when I type my password, the salt is added and we get 1234554321, this makes the hash equivalent to a longer password when indexing, so you have to use typical brute force methods to get it (I think a recent link on ars technica that references correct horse battery xkcd in the title if you want to find it) talks about how effective brute force has become, but still salted hashed would take about a day a password on a highish end desktop.

Re:The hashes are salted (BUT NOT PROPERLY) (4, Informative)

rgbrenner (317308) | about a year ago | (#44376871)

They use vBulletin.. the passwords are salted.. but it's just md5(salt+md5(password)). The salt is in the db, and it's just 2 md5 hashes -- NO stretching, PBKDF2, bcrypt, or anything else. It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.

http://www.vbulletin.org/forum/showthread.php?t=178091 [vbulletin.org]

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44376901)

In that case they should set all accounts into a state in which it can be only reactivated via e-mail confirmation.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44377127)

Via the e-mail addresses that were also leaked?

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44377365)

Yes.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

Rockoon (1252108) | about a year ago | (#44376997)

Indeed...

Here is a 25 GPU cluster that can go after MD5 hashes. [arstechnica.com]

The cluster can try 180 billion combinations per second against the widely used MD5 algorithm

Realize that an 8 character password is only about 48 bits of entropy, so if you find a key that hashes to that 128-bit MD5 hash code then its almost certain that that is in fact the password and not just a random collision. I am appalled at the horrible password "protection" practice in use today. In the 1980's we knew better and didnt store the entire god damned hash.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

niftydude (1745144) | about a year ago | (#44377059)

It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.

Really? Can you explain how this is done? My understanding is that MD5 is a one way hash function. I know of no real way to reverse an MD5 hash. I know there are MD5 databases that can do a reverse lookup, but they are only limited to dictionaries the common strings they contain. Surely that is only really useful if your password was something stupid like a dictionary word, or some lame leetified word like "l0ve". How do you reverse an MD5 hash if it is not?

I am genuinely interested.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44377099)

Rainbow tables.

Re:The hashes are salted (BUT NOT PROPERLY) (4, Interesting)

Rockoon (1252108) | about a year ago | (#44377147)

How do you reverse an MD5 hash if it is not?

You try all possible inputs at a rate of 180 billion combinations per second. [arstechnica.com]

For an 8 character alphanumeric with a few symbols, thats about 48 bits of entropy, which equates to 1564 seconds (26 minutes) to try every single possible input. Since you used a 128-bit hash on 48 bits of entropy, the odds are very very very good that only one single input will result in the stored MD5 hash.

Thus the attack knows precisely what the original password was in only 26 minutes, which fits the definition of "reversing" the hash in no more than 26 minutes.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

niftydude (1745144) | about a year ago | (#44377271)

You try all possible inputs at a rate of 180 billion combinations per second. [arstechnica.com] Thus the attack knows precisely what the original password was in only 26 minutes, which fits the definition of "reversing" the hash in no more than 26 minutes.

Ok. That is fast. Still - there are two md5 hashes with a salt added - so it would likely take 52 minutes - although I think you could call that a distinction without a difference.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

Rockoon (1252108) | about a year ago | (#44377349)

Ok. That is fast. Still - there are two md5 hashes with a salt added - so it would likely take 52 minutes - although I think you could call that a distinction without a difference.

Dont forget that since the users account name isnt part of the salt (or so I presume, given the bad hashing practice already noted by others), then every accounts hash can be attacked simultaneously. Thats 26 or 52 minutes to crack the password of every single account.

Re:The hashes are salted (BUT NOT PROPERLY) (2)

rgbrenner (317308) | about a year ago | (#44377399)

the salt is random.. so each user's password would need to be cracked individually.

that doesn't make it 52min though..

You could speed this up by hashing the password you want to try, then hashing it with each user's salt. So instead of 2x hashes, you would have (# of users) + 1 md5 calcs for each password attempt.

And the average time would be 1/2 of the max time.

Also... most of those passwords are probably dictionary words.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

MrEricSir (398214) | about a year ago | (#44377537)

the salt is random.. so each user's password would need to be cracked individually.

That isn't very comforting without knowing the hacker's intentions. For all we know, maybe your password was the only one they wanted.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44377651)

Then don't use 8 letter passwords.

11 random alphanumerics at 180e9 tries per second is 62^11/180e9/(60*60*24) = 3345 days, quite enough for anything worth hacking your account to lose importance. That's the beauty of exponentiation - adding one more cracking rig doubles the speed, but adding one more character makes password take sixty times longer to crack.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

Rockoon (1252108) | about a year ago | (#44377739)

Then don't use 8 letter passwords. 11 random alphanumerics at 180e9 tries per second is 62^11/180e9/(60*60*24) = 3345 days

..1600 days next year, 800 days the year after, 400 days the year after that, ...

Not to mention that we are talking about a 25 GPU's rig. I'm quite certain that some botnet owners have access to a hundred thousand decent GPU's, and a million not-so-decent GPU's. Welcome to reality.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44379727)

Google, Microsoft and similar have very very many servers. Typical estimates are in the order of a million.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44378159)

So? Now they have my ubuntu forums password, what are they going to do with it? Post as me?

Re:The hashes are salted (BUT NOT PROPERLY) (1)

stiggle (649614) | about a year ago | (#44380073)

Well they can try and use the same username & password on other forums.
They can try and use the same password on your email address.
If they get into your email, then they can request password resets for online banking, paypal, etc.

This is why you don't use the same passwords on different systems.
If you have your own domain, then use different email addresses for each site filtering into a central inbox. This also makes it easier to track where spammers get your address from.

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44377461)

Do you even know what salting is? Salt is already unique random value per user, no need for user's account name.

So, it's 20 minutes to try every quite weak password for a single user. If you throw symbols and space in the mix, it gets closer to 10 hours. Or you can even just add 9th alphanumeric character instead and it gets to 20 hours (or 40 days with random 9 out of full printable ASCII set).

IOW, even with this shitty hashing scheme you can have plenty of time before someone cracks your pass, if they even bother after trying easy passwords - if you don't use 12345 (or, say, qazwsxedcrfvtgbyhnujmik,ol.p;/[']\) as your pass.

Re:The hashes are salted (BUT NOT PROPERLY) (2)

rgbrenner (317308) | about a year ago | (#44377447)

"Still - there are two md5 hashes with a salt added "

No, even that part was done improperly. Since they hashed the password, then added the salt, then hashed the result.. it's actually just (# of users) + 1 md5 hashes.

1) hash password
2) concat hash + salt
3) hash result
4) repeat 2 & 3 for each user

Re:The hashes are salted (BUT NOT PROPERLY) (1)

Rockoon (1252108) | about a year ago | (#44377309)

To expand further on this, it is a violation of CWE-257 [mitre.org] to store a much wider hash than the passwords entropy.

"The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users."

Storing a 128-bit hash of a typical password, due to their much lower entropy, is in fact storing it in a recoverable format.

Re:The hashes are salted (BUT NOT PROPERLY) (2)

rgbrenner (317308) | about a year ago | (#44377189)

MD5 is just not computationally intensive by todays standards. You can easily calculate several BILLION MD5 hashes per second on a modern GPU. It's fast enough that you can simply bruteforce it.. you can rent an EC2 cluster for a few dollars if you don't want to spend the money on the GPUs.

There's a reason why at a minimum stretching is used (this is when you hash a password + salt, then hash the hash typically a few 10000 times)... this is standard practice BTW if you're going to use hashes (or better, use bcrypt or pbkdf)

The only thing the salt does is prevent them from cracking all of the passwords at once.. they'll have to crack each user individually.

Re:The hashes are salted (BUT NOT PROPERLY) (1)

lindi (634828) | about a year ago | (#44378399)

Btw, the article you linked says it's actually md5(md5(password)+salt).

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44379523)

Addition is commutative, so salt+md5(password) == md5(password)+salt

How's that GED going, by the way? Ready to re-take the exam again?

Re:The hashes are salted (BUT NOT PROPERLY) (0)

Anonymous Coward | about a year ago | (#44381029)

String appending is not commutative though. How's kindergarten?

Re:The hashes are salted (BUT NOT PROPERLY) (1)

rgbrenner (317308) | about a year ago | (#44379539)

You're right.. the hash is appended to the password hash (not prepended). Carelessness on my part.. good catch.

Re:The hashes are salted (1)

bmk67 (971394) | about a year ago | (#44376881)

Would you prefer that they kept silent? I wouldn't. Personally, I prefer an appropriate amount of transparency to silence and bullshit.

Re:The hashes are salted (1)

AHuxley (892839) | about a year ago | (#44377117)

What is holding all the sites back from better password as mentioned the md5(salt+md5(password))?
What do website admins think of "Here is a 25 GPU cluster that can go after MD5 hashes" arstechnica.com efforts?
Power and CPU time per user is the expensive over many users over years with new encryption?
Lack of easy software upgrades? ie would users have to re join as "new" encryption is added?
Good encryption is expensive per site? Needs hardware upgrades or next gen cpu?

Re:The hashes are salted (1)

bmk67 (971394) | about a year ago | (#44377277)

What is holding all the sites back from better password as mentioned the md5(salt+md5(password))?

What do website admins think of "Here is a 25 GPU cluster that can go after MD5 hashes" arstechnica.com efforts?

Power and CPU time per user is the expensive over many users over years with new encryption?

Not generally, no. While strong encryption is considered an expensive operation, for a typical system, authentication is something that is relatively rarely done and the computing expense is a tiny part of the overall.

The trick is to make the hashing algorithm inexpensive enough that it isn't a burden on the authenticating system, but expensive enough that it's impractical to attack the hashes, now and a for a reasonable time going forward. As more computing power becomes available, that balance point shifts. Where that point lies at any given time is left as an exercise for people more knowledgeable than I.

Lack of easy software upgrades? ie would users have to re join as "new" encryption is added?

No, that would not be necessary. The authentication system needs to track the hashing method used for each user's credentials, and users can be required to do a password change and inherit more secure hashing algorithms (this leaves "abandoned" accounts potentially vulnerable, but that can be dealt with as well). The challenge comes when the operator is at the mercy of the software vendor to implement the functionality, or when they lack the motivation / skills / etc to do it themselves.

Re:The hashes are salted (2)

cbhacking (979169) | about a year ago | (#44377783)

You don't even need a password change. You just store in the database what password verifier scheme was used (and a pair of MD5s with a salt of unknown size is a damn weak one) and then when the user logs in, you derive the password verifier using the scheme stored in the DB for their account. If it matches, then you log them in (of course) but you *also* computer a new password verifier using the new, better scheme - say, PBKDF2 with 50000 iterations - and then store that new verifier, and the new scheme you used to derive it, to the user's account entry in the DB. It's completely transparent to the user. As a bonus, this makes it easy to adopt even stronger schemes in the future.

Re:The hashes are salted (0)

Anonymous Coward | about a year ago | (#44378407)

... and users who never log in any more will keep the weak hashes forever.

Re:The hashes are salted (0)

Anonymous Coward | about a year ago | (#44378453)

Adding a salt to a hash doesn't magically make a hash harder to break, since the salt must necessarily be stored along with the hash.
However, it does make for unique(r) hashes, so if two people happen to use the same password, they'll likely be encrypted to different hashes.

Re:The hashes are salted (1)

HJED (1304957) | about a year ago | (#44378497)

Because apparently [simplemachines.org] the hacker's have managed to crack them.

brute force (0)

Anonymous Coward | about a year ago | (#44380391)

The hashes are salted. Who cares about a breach with salted hashes?

Salted-and-hashed passwords could still be brute forced, especially if only a simple MD5 or SHA-1 is applied instead of something like MD5crypt or PBDK2. Ars Technica had a good article on the topic:

http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/

Goddamn (1)

readingaccount (2909349) | about a year ago | (#44376865)

Dupe.

samzenpus, you fucking suck sometimes. Hope you're not getting paid for this.

Dupe or another breach? (2)

bloodhawk (813939) | about a year ago | (#44376915)

So has this happened yet again or just another Dupe?

Re:Dupe or another breach? (0)

Anonymous Coward | about a year ago | (#44378509)

Slashdots editorial system has been breached!

Oh wait .... that's a dupe - it happened years ago

It's obviously a lie... (-1)

Anonymous Coward | about a year ago | (#44377007)

.... propogated by Microsoft. Everyone knows that Linux can't be hacked.

*ducks*

Re:It's obviously a lie... (0)

Anonymous Coward | about a year ago | (#44377699)

Well, Linux was made by hacking. :)

stop using passwords and emails (0)

Anonymous Coward | about a year ago | (#44377653)

at least stop using email for authentication

Bad timing for Canonical (2)

Camael (1048726) | about a year ago | (#44377671)

This will probably hurt their campaign to bring Ubuntu to mobile [engadget.com] .

Their kickstarter at Indiegogo [indiegogo.com] already seems to be slowing down.

Not quite fair to link a forum breach to Ubuntu, but public perception is what matters.

Re:Bad timing for Canonical (-1)

Anonymous Coward | about a year ago | (#44378145)

We're probably getting bombarded with Ubuntu edge stuff this week to take attention away from the security breach.

and yes, it's very fair to link the forum breach to the OS. Why? If they failed to patch their VBulletin forum software on one of their own servers, how can we trust them to patch our server operating systems properly? As an Ubuntu Server user it's kind of worrying that their techies would let something like this go down.

Re:Bad timing for Canonical (0)

Anonymous Coward | about a year ago | (#44378857)

From nonexistent to even more nonexistent.

Thats a paddlin. (0)

Anonymous Coward | about a year ago | (#44377761)

For both.

Forced sign-in (1)

BlackPignouf (1017012) | about a year ago | (#44378549)

Great.
With their policy of needing to sign-in in order to download anything (script, picture, ...), I bet they have way more information than they needed to have.
And this information is now compromised....

Salting the hash is not enough (1)

gweihir (88907) | about a year ago | (#44379243)

I hope the iterated with a sufficiently high count in addition. But as they do not say that, I am doubtful. Any competently done set-up would at the very least use PBKDF2 or scrypt with an iteration count > 100'000.

Why do people keep getting this very basic stuff wrong?

Ummmm.... (1)

Dcnjoe60 (682885) | about a year ago | (#44379461)

It's not news, even for nerds, when it is reported a week after everybody else reported it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?