|
|
|
|
|
|
by susam
434 days ago
|
|
|
> Even companies as well resourced as Microsoft made these mistakes well into the 2000s. Indeed! As I just wrote in another comment on this page, Microsoft Outlook 2003 used CRC32 to "hash" the personal folder (.PST) passwords. Since CRC32 isn't a cryptographic hash, it was trivial to generate a collision and access someone else's Outlook personal folder. This flaw persisted until at least 2006! More details here: <https://www.nirsoft.net/articles/pst_password_bug.html>. |
|
|