Hacker News new | ask | show | jobs
by forkerenok 3086 days ago
I'm not sure what's worse. If they knew it then risks should have been communicated to their user base.
1 comments
bjoli 3086 days ago
I suspect it was more of a "this is old and crufty and isn't how we would do it today".

Guessing the 128-bit number is non-trivial, and once someone has the ability to access the group id, all is already failed.

link