by hangonhn
443 days ago
Even companies as well resourced as Microsoft made these mistakes well into the 2000s. Remember when they used plain old AES to encrypt the Viewstate for ASP.Net? It was vulnerable to padding oracle attacks: https://en.wikipedia.org/wiki/Padding_oracle_attack#Attacks_... Cryptography is such an esoteric and deep field that it's easy for a fairly smart but inexperienced engineer to misjudge the security of a particular implementation or usage of a cryptographic primitive.
Indeed! As I just wrote in another comment on this page, Microsoft Outlook 2003 used CRC32 to "hash" the personal folder (.PST) passwords. Since CRC32 isn't a cryptographic hash, it was trivial to generate a collision and access someone else's Outlook personal folder. This flaw persisted until at least 2006! More details here: <https://www.nirsoft.net/articles/pst_password_bug.html>.
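
An added example, not part of the thread and not Microsoft's code: it shows two properties that make CRC32 unsuitable as a password hash (it is affine over XOR, and its 32-bit output collides after a small birthday search over constructed random strings), next to a salted PBKDF2 verifier as the hardened form. All function names, sample strings and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import zlib


def crc32_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """Equal-length inputs: CRC32(a^b^c) == CRC32(a)^CRC32(b)^CRC32(c)."""
    if not len(a) == len(b) == len(c):
        raise ValueError("inputs must have equal length")
    mixed = bytes(x ^ y ^ z for x, y, z in zip(a, b, c))
    return zlib.crc32(mixed) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)


def first_crc32_collision(limit: int = 400_000):
    """Birthday search over constructed strings; a 32-bit output collides fast."""
    seen = {}
    for i in range(limit):
        # Constructed pseudo-random 12-character candidate (not real passwords).
        s = hashlib.sha256(str(i).encode()).hexdigest()[:12].encode()
        crc = zlib.crc32(s)
        if crc in seen and seen[crc] != s:
            return seen[crc], s, i + 1  # two inputs, and how many were tried
        seen[crc] = s
    return None


def make_verifier(password: str, iterations: int = 600_000):
    """Hardened form: per-user random salt plus a slow key-derivation function."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def check_password(password: str, verifier) -> bool:
    salt, iterations, digest = verifier
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


if __name__ == "__main__":
    # Constructed sample inputs, all 8 bytes long.
    print(crc32_is_affine(b"hunter2!", b"letmein1", b"passw0rd"))
    print(first_crc32_collision())
    v = make_verifier("correct horse")  # constructed sample password
    print(check_password("correct horse", v), check_password("wrong", v))
```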