Hacker News new | ask | show | jobs
by rosnd 1275 days ago
Why do you think it is likely? That's a very strong claim.

> such as bad RNG

How could that be a problem? The attacker doesn't control your passwords. How would you exploit a known IV as an attacker in this context?
1 comments
paulpauper 1275 days ago
there are many ways the encryption could have been implemented badly. a weak RNG is one
link
bbbbb5 1275 days ago
Do you actually know anything about this subject, or are you just speculating?
link
paulpauper 1275 days ago
faulty implementation of crpyto is not unheard of. it happens a lot.
link
bbbbb5 1275 days ago
Yes, but how exactly is the LastPass implementation faulty? In your other comment you claim to know that it is.
link