Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Cal Leeming
"People ***should*** be using" "so ***technically*** this shouldn't even matter" I was taking the piss lol. On Thu, Apr 7, 2011 at 3:59 PM, wrote: > On Wed, 06 Apr 2011 18:10:29 BST, Cal Leeming said: > > People should be using a different password for every external service > > anyway, so tech

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Valdis . Kletnieks
On Wed, 06 Apr 2011 18:10:29 BST, Cal Leeming said: > People should be using a different password for every external service > anyway, so technically this shouldn't even matter ;) You're new here, aren't you? :) pgpt9sj2oQD91.pgp Description: PGP signature ___

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Inc Leartext
it trivial > to decrypt, but of course it all depends on what problem we are trying to > solve. > > > > t > > > > *From:* Cal Leeming [mailto:c...@foxwhisper.co.uk ] > *Sent:* Wednesday, April 06, 2011 11:58 AM > *To:* Peter Osterberg > *Cc:* Thor (Hammer of God); Ma

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Cal Leeming
> > > t > > > > From: full-disclosure-boun...@lists.grok.org.uk > > [mailto:full-disclosure-boun...@lists.grok.org.uk] > On Behalf Of Mario > > Vilas Sent: Wednesday, April 06, 2011 9:05 AM To: Romain Bourdy > > Cc: full-disclosure; Inc leartext > >

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Cal Leeming
> full-disclosure-boun...@lists.grok.org.uk wrote on 01.04.2011 02:17:24: > > > Inc leartext > > Sent by: full-disclosure-boun...@lists.grok.org.uk > > > > 01.04.2011 13:14 > > > > To > > > > full-disclosure@lists.grok.org.uk > > > &

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Cal Leeming
gt; Sent by: full-disclosure-boun...@lists.grok.org.uk > > > > 01.04.2011 13:14 > > > > To > > > > full-disclosure@lists.grok.org.uk > > > > cc > > > > Subject > > > > [Full-disclosure] password.incleartext.com > > > >

Re: [Full-disclosure] password.incleartext.com

2011-04-07 Thread Peter Osterberg
t; > > *From:*Cal Leeming [mailto:c...@foxwhisper.co.uk] > *Sent:* Wednesday, April 06, 2011 11:58 AM > *To:* Peter Osterberg > *Cc:* Thor (Hammer of God); Mario Vilas; Romain Bourdy; > full-disclosure; Inc leartext > *Subject:* Re: [Full-disclosure] password.incleartext.com &

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Thor (Hammer of God)
ng to solve. t From: Cal Leeming [mailto:c...@foxwhisper.co.uk] Sent: Wednesday, April 06, 2011 11:58 AM To: Peter Osterberg Cc: Thor (Hammer of God); Mario Vilas; Romain Bourdy; full-disclosure; Inc leartext Subject: Re: [Full-disclosure] password.incleartext.com Tbh, I'd be unhappy about a

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Valdis . Kletnieks
On Wed, 06 Apr 2011 22:38:56 +0200, Romain Bourdy said: > So let's say I store password using PGP for *recovery*, encrypted with my > own keys as sender and recipient , I can recover plaintext passwords > whenever I want to, but is it unsecure ? At that point, the security is exactly equal to the

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Romain Bourdy
n On Wed, Apr 6, 2011 at 9:30 PM, T Biehn wrote: > I sent this only to Romain, > Some other posters wanted to know the other scenarios. > > -Travis > > > -- Forwarded message -- > From: T Biehn > Date: Wed, Apr 6, 2011 at 10:33 AM > Subject: Re: [F

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread T Biehn
I sent this only to Romain, Some other posters wanted to know the other scenarios. -Travis -- Forwarded message -- From: T Biehn Date: Wed, Apr 6, 2011 at 10:33 AM Subject: Re: [Full-disclosure] password.incleartext.com To: Romain Bourdy The only scheme where there

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Peter Osterberg
k > [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Mario > Vilas Sent: Wednesday, April 06, 2011 9:05 AM To: Romain Bourdy > Cc: full-disclosure; Inc leartext > Subject: Re: [Full-disclosure] password.incleartext.com > > Actually, if they can get the data back

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Thor (Hammer of God)
AM To: Romain Bourdy Cc: full-disclosure; Inc leartext Subject: Re: [Full-disclosure] password.incleartext.com Actually, if they can get the data back (be it because it's stored in plaintext or in obfuscated plaintext) then it's not secure. Obfuscation doesn't make it more secure, or

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Mario Vilas
leartext >> > Sent by: full-disclosure-boun...@lists.grok.org.uk >> > >> > 01.04.2011 13:14 >> > >> > To >> > >> > full-disclosure@lists.grok.org.uk >> > >> > cc >> > >> > Subject >> > &g

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Romain Bourdy
ts.grok.org.uk > > > > 01.04.2011 13:14 > > > > To > > > > full-disclosure@lists.grok.org.uk > > > > cc > > > > Subject > > > > [Full-disclosure] password.incleartext.com > > > > Hi FD, > > > > Just

Re: [Full-disclosure] password.incleartext.com

2011-04-06 Thread Maksim . Filenko
Kinda plaintextoffenders.com? wbr, - Max full-disclosure-boun...@lists.grok.org.uk wrote on 01.04.2011 02:17:24: > Inc leartext > Sent by: full-disclosure-boun...@lists.grok.org.uk > > 01.04.2011 13:14 > > To > > full-disclosure@lists.grok.org.uk > > cc >

[Full-disclosure] password.incleartext.com

2011-04-01 Thread Inc leartext
Hi FD, Just launched a new website to keep a list of websites storing passwords in clear text, so far the database is small but feel free to add some: http://password.incleartext.com/ Cheers, Inc Leartext ___ Full-Disclosure - We believe in it. Char