Mozilla inadvertently exposed the passwords of 44,000 inactive addons.mozilla.org accounts, but says there's nothing to worry about. "On December 17th, Mozilla was notified by a security researcher that a partial database of addons.mozilla.org user accounts was mistakenly left on a Mozilla public server," Mozilla's director of …
A sharp asskick all around for such goofery.
Nice relatively easy to crack MD5 hashes? Unsalted perchance?
Be good to try the resulting plain text passwords on any number of matching user names on any number of other subscription services, wouldn't you say?
I just knew that I should've used a different logon and password on those bank accounts.
What's to stop ....
... the idiot (or idiots) who did this from doing it again with really, for real, sensitive data? And there are actually miscreants out there that tell me I should trust "the cloud". Yeah right. Today's Moziolla idiot is tomorrows cloud idiot. If that's not the case already.
At least it appears they were up front and open
A bit better than some other companies out there....
I, like Larry, wondered if it was a phishing trip...
I now have Ad-Aware pro on my machine, free. It's a regularly offered special, I had to go to the right sites...and I may have been phished. What a thought (however, as I said, it's a regular year-end special for subscribers to...eh...something).
Well that's fine . . .
Fine except for the probably thousands of accounts that use the same name and password EVERYWHERE.
"Oh, they're only old passwords ..." indeed!
Even though weaknesses have been found in MD5 it doesn't mean that Joe Blow can feasibly extract the plaintext password from the hashes that were inadverently posted.
If you think you can, please tell me what plaintext I used for this hash: "0f0d334af847f44e9611204ed72275d0". I'll even tell you it's 14 characters plain english, no funny capitalization.
- Product round-up Coming clean: Ten cordless vacuum cleaners
- Product round-up Too 4K-ing expensive? Five full HD laptops for work and play
- 'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
- Worstall @ the Weekend BIG FAT Lies: Porky Pies about obesity
- 'Snoopers' Charter IS DEAD', Lib Dems claim as party waves through IP address-matching