Hacker News new | ask | show | jobs
by tarmac 6251 days ago
Correct, the blog post is assuming the password is stored in plain text, when he doesn't even have hard evidence about it.

Two way encryption would be an explanation to this, so I am waiting on what 37s' answer to this blog post.

It's sad people quickly come to conclusions when only hearing one side of the story.
1 comments
sounddust 6251 days ago
From a security standpoint, there is no difference between storing the password in plain text, and storing it encrypted with the keys on the server to decrypt it. It's like saying that having an unlocked safe is not the same thing as having a locked safe with the keys left in the lock. Why should the OP make the distinction?
link
anatoly 6251 days ago
Because there is a difference. Sure, academically, and positing an ability to break into anything, encrypting the passwords and retaining the key is useless. But realistically, I can think of a few ways off the top of my head where the difference might matter.

For example, you could have a dedicated decryption server holding the server-side key, carefully isolated from the rest of the internal network, its only channel of communication a single socket with request/response on decrypting passwords for password recovery. It could have rate limiting built in, and a storm of alerts to go off if backends request too many decryptions.

link
tarmac 6251 days ago
You're assuming the keys are the only way to get into the safe. There you go again with flawed reasoning.

What if I drill into the safe and open it in a different manner?

ANY type of security has it's weaknesses. The only way is to add layers of security to make it harder to crack.

link
sounddust 6251 days ago
Sure, I think everyone on HN agrees that any type of security has its weakness. What we are discussing here is whether 37signals is inadequately handling users' data by storing passwords in plain text, and the argument is that there is no difference in the level of security of "encrypted" passwords if the server has the key to decrypt them.

In other words, even if the author found out before writing the article that 37signals was storing users' passwords encrypted (instead of hashed), then he still would have written his article, and we would still be just as concerned as we are now.

You seem to be arguing against a point that no one is making.

link
ErrantX 6251 days ago
layered security is not the answer - if the weakness is elsewhere in your application then potentially passwords can be extracted in other ways (people run straight to SQL injection as the main source but any decent cracker will be able to explore other options).

Hashing and salting a password removes absolutely ewvery security weakness in terms of directly extracting the password. No need for layered security and potentially complex uneeded encryption/decryption in your app. Safe, secure. end of the matter :)

link
rythie 6250 days ago
"Hashing and salting a password removes absolutely ewvery security weakness in terms of directly extracting the password. No need for layered security and potentially complex uneeded encryption/decryption in your app. Safe, secure. end of the matter :)"

It is seriously worrying that you believe this.

Cracking hashed passwords offline is no big deal on a single machine unless you have really strong password policy - you know, the type of password no real regular user would even enter.

link
ErrantX 6250 days ago
you think? I'll give you a 4 character password correctly salted and hashed with Sha1 and would like to see you crack it ;)

Allowing password security to depend on what the user enters IS silly - but who would! 32haracter salts and sha256 is going to produce a fairly uncrackable password.

Even if you know the salt and the salting algorithm (because simply appending a salt is also silly) it can still take a while :)

Im not talking about just sticking "MYSECRETSTRING" on the end of every password and sha1-ing it :)

link
ErrantX 6250 days ago
Ok to prove what I am talking about (because it is only fair I do). Here are four 4 character password correctly hashed and salted.

6fe4bc5a51a3967a3a5e8d2f2baadd08db8cfa87934d88c142b7f89a

2faf5762d544eafaea9792e90660bfd224ffda2bb5f4dd4435a011ba

86096426b8cef5ebbf438a3f743b955100a4a0b4f72593af7485a1bb

0522e582fb1186fb79934998be7ee04f6c4a607009218fa3c35cffc6

The hash algorithm used is sha1. The salting scheme uses a randomly generated salt and a known salting roation. I gave you 4 to give you fair chance to work on them. I'll give you more if you want. (there is no way to brute force these BTW so dont really bother :))

link
Hexstream 6251 days ago
But encrypting the passwords with a key on the server is an additional "layer of security" that doesn't actually making it harder to crack. You're just adding complexity for naught.
link
m_eiman 6251 days ago
It prevents you from getting the passwords with an SQL injection attack (or by reading the users.txt or whatever storage is used for the user list), so it does add protection.
link
Hexstream 6251 days ago
Ok, I was assuming the attacker had full access to the server.
link