Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.ar.al is one of the many independent Mastodon servers you can use to participate in the fediverse.
This is my personal fediverse server.

Administered by:

Server stats:

1
active users

mastodon.ar.al: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.3

Aral Balkan

“The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. All the passwords it created could be bruteforced in seconds.”

donjon.ledger.com/kaspersky-pa

They used math.random() on the web version y’all. This is a “security” company. I’m speechless.

donjon.ledger.comKaspersky Password Manager: All your passwords are belong to usPassword generated by Kaspersky Password Manager were predictable (CVE-2020-27020).
··Web
42boosts·29favorites
Alexey

@aral :blobcatgooglytrash: Kaspersky proves their incompetence again

Alexey

@aral I would also recommend reading some articles about it here: palant.info/categories/kaspers. It's funny how a security company can fail that bad

palant.infoCategories: kasperskyWladimir Palant's blog
cytopyge

@aral Glad I'm using
```< /dev/random tr -d -c "[:graph:]"``` with enough entropy for gerenation of my passwords.

Bob Mottram

@aral

Aral Balkan

@bob Ironically ;)

Screenshot of post showing the media as “not available”
Aral Balkan

@bob Ah, I thought it was a reply to the other thread.
So less ironic but still, not sure why it’s not showing up.

Bob Mottram

@aral @bob I think this is related to CDNs, possibly HTTP 1.1, and webserver caching on Mastodon. Like the avatar update problem, I spent a lot of time investigating it, but found nothing which wasn't compliant.

TrendingLive feeds
About