On June 7th, LinkedOut confirmed that it had experienced a data
breach that likely compromised the e-mail addresses and passwords
of 6.5 million of its users. This confirmation followed the posting
of the password hashes for these users in a public forum.
Assume that each stolen password record had two fields in it:
[user_email, SHA666 (password+salt), salt] where the salt is 32
bits long and that a user login would be verified by looking up the
appropriate record based on user_email, and then checking if the
corresponding hashed password field matched the SHA666 hash of the
password inputted by the user trying to log in plus the salt. The
SHA666 algorithm was written by LinkedOut because “other hashing
algorithms were too slow”, so they wrote one that was 10x faster
than any existing hash algorithm.
It was further discovered that the widely used random number
generator used to generate the salt was poorly written and only
generated 4 possible salts. Given this:
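An added example, not part of the original post: a defender-side audit of a credential table in the record layout described above, shown beside a hardened record format. SHA-256 stands in for the fictional SHA666, and the sample users, salt values, iteration counts and function names are constructed assumptions.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed stand-ins: SHA-256 replaces the fictional SHA666, and these four
# 32-bit values model the broken generator that only ever emits 4 salts.
WEAK_SALTS = [bytes([i]) * 4 for i in range(4)]

def weak_record(email, password, salt):
    # Layout from the post: [user_email, hash(password+salt), salt]
    return (email, hashlib.sha256(password.encode() + salt).hexdigest(), salt)

def verify_weak(record, attempt):
    _, stored, salt = record
    candidate = hashlib.sha256(attempt.encode() + salt).hexdigest()
    return hmac.compare_digest(candidate, stored)

def salt_audit(records):
    """Return (distinct salts, size of largest same-salt group, repeated hash groups)."""
    salts = Counter(r[2] for r in records)
    hashes = Counter((r[1], r[2]) for r in records)
    repeated = sum(1 for n in hashes.values() if n > 1)
    return len(salts), max(salts.values()), repeated

def hardened_record(email, password, iterations=600_000):
    # Assumed hardening: 128-bit salt from a CSPRNG and a deliberately slow KDF.
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return (email, digest.hex(), salt, iterations)

def verify_hardened(record, attempt):
    _, stored, salt, iterations = record
    digest = hashlib.pbkdf2_hmac("sha256", attempt.encode(), salt, iterations)
    return hmac.compare_digest(digest.hex(), stored)

def demo():
    # Constructed sample table: 20 users, three of whom chose the same password.
    users = [(f"user{i}@example.test", "Summer2012!" if i % 8 == 0 else f"pw-{i}")
             for i in range(20)]
    weak = [weak_record(e, p, WEAK_SALTS[i % 4]) for i, (e, p) in enumerate(users)]
    strong = [hardened_record(e, p, iterations=1000) for e, p in users]  # low count keeps the demo fast
    return salt_audit(weak), salt_audit(strong)

if __name__ == "__main__":
    print(demo())
```

In the weak table every salt is shared by a quarter of the users and identical passwords under the same salt produce identical hashes, which the audit surfaces as a repeated hash group; the hardened table shows one salt per record and no repeats.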