- From: Edward Z. Yang <edwardzyang@thewritingpot.com>
- Date: Tue, 30 Sep 2008 13:17:51 -0400
Michal Zalewski wrote: > More importantly, since the dictionary of possible inputs is rather > limited, it would be pretty trivial to build a dictionary of site <-> > hash pairs and crack the values. May protect > xyzzy2984.eur.int.example.com, but would still reveal to me you are > coming from playboy.com. Salt it. Problem solved.
Received on Tuesday, 30 September 2008 10:17:51 UTC