Linked by Thom Holwerda on Wed 6th Jun 2012 22:30 UTC
Privacy, Security, Encryption Bad day for LinkedIn: not only did 6 million of their passwords get stolen and published online (as SHA1 hashes, but still), their iOS and Android applications uploaded your calendars to LinkedIn (after opting in, though). The Sensationalist Headline of the Day Award goes to Ars Technica. I guess everyone's starting to feel the sting of The Verge's fully deserved success.
Thread beginning with comment 521123
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Comment by gan17
by Soulbender on Thu 7th Jun 2012 05:06 UTC in reply to "Comment by gan17"
Soulbender
Member since:
2005-08-18

Why would a (supposedly) professional organization like LinkedIn be storing unsalted user passwords anywhere on their systems in the first place?!


Incompetence? Stupidity?

Edited 2012-06-07 05:07 UTC

Reply Parent Score: 5

RE[2]: Comment by gan17
by zima on Wed 13th Jun 2012 23:23 in reply to "RE: Comment by gan17"
zima Member since:
2005-07-06

Last.fm possibly joining that club:
http://www.last.fm/passwordsecurity
http://www.last.fm/forum/21713/_/2054638
(and it they're almost implying that "recent password leaks on other sites" are some sort of justification...)

Reply Parent Score: 2