Comments on: LinkedIn responds to security breach, outlines next steps http://gigaom.com/2012/06/06/linkedin-breached-but-not-stirred/ Tue, 21 May 2013 06:31:34 +0000 hourly 1 http://wordpress.com/ By: Chris Naegelin http://gigaom.com/2012/06/06/linkedin-breached-but-not-stirred/#comment-848901 Wed, 06 Jun 2012 21:36:25 +0000 http://gigaom.com/?p=529551#comment-848901 Was your linkedin password hacked? Find out @ http://check.spotflux.com/

]]> By: Ron Larson http://gigaom.com/2012/06/06/linkedin-breached-but-not-stirred/#comment-848886 Wed, 06 Jun 2012 21:11:14 +0000 http://gigaom.com/?p=529551#comment-848886 … somehow my comment got cut off… to continue:
Password should never be stored. Instead, a salted hash value from the password is stored. This is super basic security design. You can’t steal what doesn’t exist. And the salting makes rainbow table attacks on the stored hashes unfeasible.

Really makes you wonder who is running the show.

]]> By: Ron Larson http://gigaom.com/2012/06/06/linkedin-breached-but-not-stirred/#comment-848885 Wed, 06 Jun 2012 21:07:24 +0000 http://gigaom.com/?p=529551#comment-848885 What I can’t understand is why LinkedIn stored passwords in the first place. If I am reading this right, they stored them in an encrypted format.

]]> By: leosbog http://gigaom.com/2012/06/06/linkedin-breached-but-not-stirred/#comment-848868 Wed, 06 Jun 2012 19:59:49 +0000 http://gigaom.com/?p=529551#comment-848868 There is at least one more LinkedIn leak, number 3? Photos leaking (if set to contacts only) and ignoring privacy settings (profile details) of a large share of users reported at http://leosbog.nrvr.com/2012/05/31/linkedin-private-data-gone-public/

]]>