Yahoo Sued For Password Breach

← Back to Stories (view on slashdot.org)

Yahoo Sued For Password Breach

Posted by samzenpus on Thursday August 2, 2012 @04:34PM from the see-you-in-court dept.

twoheadedboy writes "Yahoo is being sued by one of its users, who has claimed the US Internet company was guilty of negligence when 450,000 passwords of the members of the Yahoo Voices blogging community were posted online. Jeff Allan from New Hampshire has turned to a federal court in San Jose, California, after his eBay account, which used the same password as his Voices account, was compromised. The breach at Yahoo followed similar hits on LinkedIn and Nvidia, which together saw millions of passwords leaked."

93 comments

Min score:

Reason:

Sort:

Guilty of Negligence by O'Krap · 2012-08-02 16:37 · Score: 5, Insightful

One could say that reusing a password is negligent....
1. Re:Guilty of Negligence by Anonymous Coward · 2012-08-02 16:39 · Score: 3, Insightful
  
  But then one would be forced to be a complete idiot who implicitly stated that passwords were a good measure and that people have good enough memories and enough time on their hands to manage one unique strong password for every website they visit.
  Luckily one wouldn't say that. (maybe you would though.)
2. Re:Guilty of Negligence by NeveRBorN · 2012-08-02 16:40 · Score: 1
  
  I was just about to post the same thing. This guy should be suing himself. Now that's a trial I'd follow.
3. Re:Guilty of Negligence by Anonymous Coward · 2012-08-02 16:51 · Score: 1
  
  It's beyond negligence. If you reuse the same password for service X and Y, then you're implicitly trusting the owners of service X not to compromise your account at service Y. Therefore, you either (a) give the same password to anyone who puts a form on the web and asks for your password; this means you do not care who gets your password -- in other words, you admit it's your own fault or (b) you admit to discriminating between websites and using different passwords based on level of trust; therefore you already knew that you should be using different passwords for different services -- in other words, you admit it's your own fault.
  Either way, this case will be over after cross examination with a directed verdict for the defendant.
4. Re:Guilty of Negligence by icebike · 2012-08-02 18:48 · Score: 3, Informative
  
  Its his accounts that are at risk. His choice to take the risk. Not Yahoo's choice. See the difference?
  
  --
  Sig Battery depleted. Reverting to safe mode.
5. Re:Guilty of Negligence by manwargi · 2012-08-02 21:41 · Score: 1
  
  In Florida Bank of America has sued itself multiple times.
6. Re:Guilty of Negligence by Geeky · 2012-08-02 23:05 · Score: 2
  
  Regardless of whether passwords are a good measure, I do use a unique strong password for every important site I visit - i.e. ones that store personal or financial information. Not so bothered with forum logins and the like where it really doesn't matter all that much if they're compromised.
  I only remember one password, though, and that's the one to my password database that's stored locally on my PC. I use KeePass, but there are plenty of other password safe applications.
  
  --
  Sigs are so 1990s. No way would I be seen dead with one.
7. Re:Guilty of Negligence by isorox · 2012-08-02 23:07 · Score: 1
  
  But then one would be forced to be a complete idiot who implicitly stated that passwords were a good measure and that people have good enough memories and enough time on their hands to manage one unique strong password for every website they visit.
  Luckily one wouldn't say that. (maybe you would though.)
  Take one good password (say 12-15 characters)
  Then prepend with a unique 4 or 5 character which you keep written down in a file on your computer
  Each password then ends up being 16-20 characters long, however even if someone broke the hash (or some stupid site stored it in plain text -- like the one of the UK 2012 party conference accreditations), it would still be very hard to cross-contaminate the passwords.
8. Re:Guilty of Negligence by Vintermann · 2012-08-02 23:21 · Score: 1
  
  Better, but still not very good. At best, a cracker needs to corellate your passwords from two leaks, to see which part is the variable part. Or perhaps he can figure it out looking at just a single instance, if the variable bit is obvious enough.
  It's better to use a password manager, and two factor authentication where it is offered, such as gmail.
  For that matter, I store many passwords in gmail. If someone has gained control of that account, they can use password resets to gain access to those sites anyway, so there's no additional risk in storing them there.
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
9. Re:Guilty of Negligence by Anonymous Coward · 2012-08-02 23:56 · Score: 0
  
  That ofcourse do not rule out that yahoo were negligent too
10. Re:Guilty of Negligence by synapse7 · 2012-08-03 00:02 · Score: 1
  
  On the contrary, should he get a large settlement using the same password may be profitable.
11. Re:Guilty of Negligence by fph+il+quozientatore · 2012-08-03 00:06 · Score: 1
  
  One could say that reusing a password is negligent....
  Yes, it is, but once the password leaked from Yahoo, its account would have been pwned nevertheless:
  Step 1 - go to Ebay
  Step 2 - click on "recover password"
  Step 3 - log into his @yahoo.com e-mail with the leaked password
  Step 4 - reset password
  Step 5 - ??? Profit (how appropriate)
  The e-mail password serves as a sort of "master password" nowadays --- once it gets public, all your other passwords can be compromised.
  
  --
  My first program:
  Hell Segmentation fault
12. Re:Guilty of Negligence by John+Hasler · 2012-08-03 00:25 · Score: 1
  
  Yes, he screwed up, but so did Yahoo.
  This is why we have the concept of contributory negligence. If he and Yahoo are found to have contributed equally he will only get half his damages.
  
  --
  Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
13. Re:Guilty of Negligence by foniksonik · 2012-08-03 00:46 · Score: 1
  
  Banks and othe high risk sites have two factor. You have to call or have a txt sent with one time pass code to your phone. Can't change the phone number without logging in.
  
  --
  A fool throws a stone into a well and a thousand sages can not remove it.
14. Re:Guilty of Negligence by WoodstockJeff · 2012-08-03 01:54 · Score: 1
  
  Or you could do something silly, like NOT USING THE SAME USER ID IN MULTIPLE LOCATIONS.
  For me, if it relates to money or control of a system, it has a unique user ID, password, and even email address. Break into Yahoo, and you might get my Yahoo account info, but you can't use it to figure out my eBay account information. Break into eBay, and you still don't have what you need to find my PayPal account.
  But people trust internet too much.
15. Re:Guilty of Negligence by tepples · 2012-08-03 02:22 · Score: 1
  
  I do use a unique strong password for every important site I visit - i.e. ones that store personal or financial information. Not so bothered with forum logins
  You might be surprised at what the law considers "personal information". Even an e-mail address, used to notify you of new posts on a forum or to act as a unique key in the user list, is "personal information" under at least one U.S. federal law.
  
  I only remember one password, though, and that's the one to my password database that's stored locally on my PC.
  So what do you when you want to check your bank balance from a machine other than your PC?
16. Re:Guilty of Negligence by Anonymous Coward · 2012-08-03 02:33 · Score: 0
  
  But people trust internet too much.
  Not me! I don't use it at all.
17. Re:Guilty of Negligence by tepples · 2012-08-03 02:33 · Score: 1
  
  A lot of web sites treat the user ID as the display name as well or tie it to a domain name. For example, if your eBay account name is philshobbyshop and your PayPal account is (something)@philshobbyshop.com, which of those should be changed?
18. Re:Guilty of Negligence by Tom · 2012-08-03 02:58 · Score: 1
  
  What world do you live in? 1975?
  The average computer user these days has how many different logins to how many different services, websites, etc. etc.? I'd guess that 20 is on the low end, and 100 not entirely uncommon.
  So, Einstein, pick one: Re-using passwords or writing them down somewhere (or storing them somewhere, like a password manager). It's one or the other, because you can not seriously expect people to remember several dozen different passwords. All of which, of course, are not meaningful words but random jumbles of letters numbers and special characters.
  
  --
  Assorted stuff I do sometimes: Lemuria.org
19. Re:Guilty of Negligence by Anonymous Coward · 2012-08-03 03:18 · Score: 0
  
  Or one could say optimizing ones time and memory.
20. Re:Guilty of Negligence by bensode · 2012-08-03 03:21 · Score: 1
  
  So what do you when you want to check your bank balance from a machine other than your PC?
  Keep a non-encrypted version of that file in Dropbox, of course! It is password protected, right? ;)
  
  --
  "Keep at least 3-6 full bottles of hard alcohol on hand, a 2 week resignation notice,..." - Poetmatt
21. Re:Guilty of Negligence by Geeky · 2012-08-03 03:51 · Score: 1
  
  You might be surprised at what the law considers "personal information". Even an e-mail address, used to notify you of new posts on a forum or to act as a unique key in the user list, is "personal information" under at least one U.S. federal law.
  Yes, but what I'm saying is it doesn't really matter if someone steals my generic forum logon password - all they'll get is my throwaway email account to spam and the ability to post on sites like this as me.
  
  So what do you when you want to check your bank balance from a machine other than your PC?
  My bank supplies a (physical) code generator that takes a pin number and generates a number. I don't carry that with me either, so I can't get access to my bank account when I'm out anyway.
  Having said that, I was simplifying. I do keep a copy of the password file on my phone. It's encrypted, and there's an Android version of the vault software. I could even sync it using dropbox, but why trust the encryption more than I need to!
  Finally, all my passwords are one of a few keywords followed by a random set of characters. I only store the random characters and the first letter of the keyword in the vault - enough to remind me which word to use as the prefix. Might not add much security, but it's one more layer
  
  --
  Sigs are so 1990s. No way would I be seen dead with one.
22. Re:Guilty of Negligence by Khyber · 2012-08-03 05:29 · Score: 1
  
  Wells Fargo had to sue itself, actually.
  http://yro.slashdot.org/story/09/07/13/1727218/wells-fargo-bank-sues-itself
  It was quite enjoyable to follow. The backtracking and confusion was so hilarious.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
23. Re:Guilty of Negligence by Khyber · 2012-08-03 05:41 · Score: 1
  
  Not happening. No excuse for Yahoo to store shit as plaintext.
  This lies squarely on Yahoo in today's world of technology. The common man cannot be expected to understand how Yahoo stores and protects passwords, even with a full explanation.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
24. Re:Guilty of Negligence by Anonymous Coward · 2012-08-04 15:55 · Score: 0
  
  This still constitutes the 'reasonable person' argument.
  Never mind the internet rules...politicians will NEVER understand those, along with the blue-chip corporate lawmakers.
  My father's emails are all using the same password. He is 69 years old and a smartphone is a Rubic's Cube to him. His agegroup makes a good majority of Americans. Ergo, 'reasonable person.'
25. Re:Guilty of Negligence by isorox · 2012-08-06 23:04 · Score: 1
  
  Better, but still not very good. At best, a cracker needs to corellate your passwords from two leaks, to see which part is the variable part. Or perhaps he can figure it out looking at just a single instance, if the variable bit is obvious enough.
  It's better to use a password manager, and two factor authentication where it is offered, such as gmail.
  For that matter, I store many passwords in gmail. If someone has gained control of that account, they can use password resets to gain access to those sites anyway, so there's no additional risk in storing them there.
  If a cracker is really after me specifically, I'm probably screwed regardless. Devil take the hindmost.
Liability by Malf.me · 2012-08-02 16:50 · Score: 2, Insightful

Regrettably a liability lawsuit like this seems to be one of the only tools available to encourage large organizations to take computer security seriously.
1. Re:Liability by John+Hasler · 2012-08-03 00:18 · Score: 1
  
  What's regrettable about it if it works?
  
  --
  Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
2. Re:Liability by PetiePooo · 2012-08-03 01:58 · Score: 1
  
  Regrettable that the liability lawsuit necessarily follows a breach. The breach is the regrettable part; get it?
I hope Yahoo loses. by Anonymous Coward · 2012-08-02 16:51 · Score: 1

I'd LOVE to see companies start getting sued for this kind of stuff. It's really getting out of hand with how negligent companies are. If the government isn't going to do the job I say we can do the job ourselves via lawsuits. They start losing enough money they'll start thinking about not screwing up like this.
Granted, the logic of them being sued is kind of BS. Everyone knows better than to use the same password at multiple locations because of the possibility of this exact outcome, but I still hope Yahoo has to pay for it. Yahoo isn't a startup and they should know better. Especially after how many other examples are of this exact mistake.
Posting anonymously because I don't feel like burning my karma today.
1. Re:I hope Yahoo loses. by Anonymous Coward · 2012-08-02 16:57 · Score: 0
  
  The problem is that 'everyone' in that sentence is only referring to those who are tech savvy. Majority of my family uses the same password for all their accounts (I know this from being in-house tech for everyone).
2. Re:I hope Yahoo loses. by ShanghaiBill · 2012-08-02 18:35 · Score: 1
  
  Majority of my family uses the same password for all their accounts
  Here's a simple solution to keep people from reusing passwords: Establish a common database of strongly encrypted (SHA512 or better) passwords. Anyone who runs a legitimate website could register to use it. When someone creates an account on Yahoo using the password "correct horse battery staple", then Yahoo would hash that password, check it against the database, and let them know that someone somewhere has already used that password, so they have to pick another.
  I don't think the database would be of much use to crackers, because even if they knew a password was in the DB, they wouldn't know the username or the site.
3. Re:I hope Yahoo loses. by icebike · 2012-08-02 18:46 · Score: 1
  
  The problem is that 'everyone' in that sentence is only referring to those who are tech savvy. Majority of my family uses the same password for all their accounts (I know this from being in-house tech for everyone).
  Its not that big if a deal.
  There are several sites I read and very rarely post on, where my password is the same nonsense characters simply to save brain cells.
  Anyplace that matters gets a unique password. None of these reuse an email account password. But there are many trivial accounts where I use the same password
  Since I log in with different names on many of these sites there is no real easy way to match names to any other account.
  But the main point here is that its the users choice and the users accounts to risk, not something Yahoo should put at risk by storing unencrypted passwords.
  
  --
  Sig Battery depleted. Reverting to safe mode.
4. Re:I hope Yahoo loses. by bzipitidoo · 2012-08-02 19:54 · Score: 1
  
  No, this is a terrible idea.
  Letting crackers know whether someone has used a password lets them try to guess passwords all at once, instead of one user at a time. Once they've harvested a few passwords, the problem of matching them up with usernames is trivial. Grab usernames from email archives and the like, then brute force it from there. It does not take long to go through a few million usernames. The service can't even stop this with the bad idea of locking an account after 3 failed attempts since the cracker would be trying a different account each time.
  A much better approach is to not let users choose the whole password. Let users make part of the password, then generate something to add to it that also guarantees it is unique. That way, the service never has to tell new users to choose another password because their first choice is taken. Wouldn't have to reject passwords for being too weak either.
  
  --
  Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
5. Re:I hope Yahoo loses. by loxosceles · 2012-08-02 21:25 · Score: 1
  
  Salts, which are mandatory for good password storage, torpedo your idea. Sorry. Passwords stored without salts are vulnerable to rainbow table attacks.
6. Re:I hope Yahoo loses. by Vintermann · 2012-08-02 23:32 · Score: 1
  
  Such databases are plentiful already (google reverse hash lookup), and believe it or not: The knowledge that the password "hunter2" has been used as on one of Yahoo's two million accounts, is neither news to a cracker nor particularly useful.
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
7. Re:I hope Yahoo loses. by Khyber · 2012-08-03 05:43 · Score: 1
  
  "If the government isn't going to do the job I say we can do the job ourselves via lawsuits."
  The irony of this statement......
  Guess who handles the lawsuits?
  Yup, the government.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
TRWTF by Anonymous Coward · 2012-08-02 16:59 · Score: 5, Insightful

On the other hand, neither service X nor service Y should be storing your passwords in such a way that it is possible to recover the actual password.
1. Re:TRWTF by X0563511 · 2012-08-02 17:36 · Score: 1
  
  Yea, because taking 10 million years to recover the password totally works.
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
2. Re:TRWTF by The+Mighty+Buzzard · 2012-08-02 18:14 · Score: 3, Interesting
  
  On the other hand, a hell of a lot of services limit password length for some insane reason. Given the choice, I never use a password under 30 characters in length but there are sites I use that limit me to as little as eight characters. Nearly any (over 95%) possible password of eight characters or less can be looked up in a rainbow table in less than an hour by a single computer. With distributed rainbow table generation today, counting on hashing functions to be one way is rapidly becoming a thing of the past.
  
  --
  Violence is like duct tape. If it doesn't solve the problem, you didn't use enough.
3. Re:TRWTF by icebike · 2012-08-02 18:38 · Score: 5, Informative
  
  Salted passwords don't matter - you can recover the password. Heck, you can reverse engineer hashing algorithms by just making a bunch of passwords then recovering them.
  
  That would require you not only steal the password hash file but also the software used to create that file, including the salt, etc.
  The point in the current case is that the passwords WERE NOT stored encrypted in any form. They were stored in clear text despite every recommendation never to do this on any system. Its inexcusable.
  Every Linux distribution since the Pleistocene has defaulted to at least a minimally encrypted password file. Yahoo runs nothing but Linux. They would have had to intentionally bypass Linux security basics and roll their own to end up in such a mess.
  They deserve to be sued. Still it will be a hard case to win because there is no law that says they have to be careful or competent.
  
  --
  Sig Battery depleted. Reverting to safe mode.
4. Re:TRWTF by gVibe · 2012-08-02 18:39 · Score: 1
  
  You make it sound so easy...which its not. Reverse engineering hashing algorithms still require a lot juice, and a lot of luck, and even more patience. For example:
  
  A related-key attack can break up to 9 rounds of 256-bit AES. A chosen-plaintext attack can break 8 rounds of 192- and 256-bit AES, and 7 rounds of 128-bit AES, although the workload is impractical at 2128 - 2119. Basically you have a better chance of being struck by lightening, on the same day you win the Lottery, than being able to break it!
  http://www.howsecureismypassword.net
  
  It would take 631 thousand years to crack just one of my passwords - and considering you may need to crack at least one other before you got to that one, I would say, go ahead and try - I'll wait...........
  
  --
  Keywords for the NSA overthrow oppressive regime true believers marathon Manhatten the financial district blueprints I
5. Re:TRWTF by bzipitidoo · 2012-08-02 19:09 · Score: 2
  
  What's really fun are those services that let you enter a 30 character password, then silently truncate it to 8 characters.
  Also thrilling when a service is able to tell you what your forgotten password is.
  Then there was the login web page that would let you start typing in your credentials before it was finished loading, then move the cursor back to the username input box when it finished loading. I recall Yahoo's webmail did that for a while. Actually, it was a combination of bad design on both the web page and the browser's part. On those occasions when it was a bit slow to load, you'd be typing in your password just as the cursor warped back to the username box. If you hit enter before noticing what had happened, the overly helpful, advanced browser would remember your username...
  Another fun one was the service that insisted on selectively applying capitalization rules to usernames. When I created my account, I used all lower case for my username, and it silently changed the first letter to upper case. But it didn't change the case when I attempted to log in. Took me a while to figure out why I couldn't log in...
  
  --
  Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
6. Re:TRWTF by LSDelirious · 2012-08-02 19:28 · Score: 1
  
  bullshit! It's entirely possible to store password hashes that cannot be reversed... say I make a hash of both username and password, then combine the 2 hashes based on a formula dependent on the respective string lengths of the username and password, and then hash that combination and store the result. It's motherfuckin hashception! Even if someone stole my whole accounts table it would be worthless, since the stored hash's portion of the hash is based on the (unknown) password string length. Hell even if they had the whole table AND my login script it would still probably an eternity if you ever could get a password back out seeing as how the stored value is a hash of a combination of hashes and even with the known username hash, its unknown what parts of that hash were used since that is affected by password string length :P
  
  --
  Slavery is the legal fiction that a person is property; A Corporation is the legal fiction that property is a person.
7. Re:TRWTF by Anonymous Coward · 2012-08-02 19:53 · Score: 0
  
  36^8 is about 3 trillion. 8 characters choosing from 26 letters and 10 numbers, increase that a few for some special characters, and you're into really big numbers.
  Of course, there are people like you who use a unique 30 character strong password for every site you visit (I'm sure you're not full of shit, honest!) but for most of us, an 8 character password is enough.
8. Re:TRWTF by AliasMarlowe · 2012-08-02 20:23 · Score: 1
  
  That web site estimates 465 million years for my primary password at home and 27 trillion years for my primary password at work. But what do they mean by "desktop PC" in this case?
  
  --
  Those who can make you believe absurdities can make you commit atrocities. - Voltaire
9. Re:TRWTF by loxosceles · 2012-08-02 21:18 · Score: 2
  
  "It is always possible to recover a password."
  This is not true. If a password has more entropy than the hash being used, there will be collisions that make it impossible to tell what the original password is.
  This is a basic consequence of the fact that hash functions are irreversible and have fixed size. If you consider the space of all passwords of any length, there are infinitely many passwords (even if you limit passwords to those made of long strings of english words) that hash to a particular value.
  For the vast majority of passwords in use, the entropy is lower than the entropy of the hash, so it's feasible to construct mappings of possible passwords to hashes and determine the most likely password that way. It is not *always* possible to recover a password, however.
10. Re:TRWTF by Vintermann · 2012-08-02 23:26 · Score: 1
  
  Yahoo runs nothing but Linux [netcraft.com]. They would have had to intentionally bypass Linux security basics and roll their own to end up in such a mess.
  Uh, no. I don't think it's common practice to give each person who signs up an actual system account at the server, so Yahoo do not get the benefit of the shadow password scheme in Linux (to the degree that it's a benefit at all, there's a reason we use SSH authentication these days).
  
  --
  xkcd is not in the sudoers file. This incident will be reported.
11. Re:TRWTF by Anonymous Coward · 2012-08-02 23:27 · Score: 0
  
  Every Linux distribution since the Pleistocene has defaulted to at least a minimally encrypted password file. Yahoo runs nothing but Linux [netcraft.com]. They would have had to intentionally bypass Linux security basics and roll their own to end up in such a mess.
  Actually they have a lot of FreeBSD on the backend, but it supports the exact same hashing mechanisms as Linux (also remember that both MD5-crypt and bcrypt were invented on BSD).
  There are enough smart people over at Yahoo that they should have known better.
12. Re:TRWTF by Kidbro · 2012-08-02 23:47 · Score: 2
  
  Salted passwords don't matter - you can recover the password. Heck, you can reverse engineer hashing algorithms by just making a bunch of passwords then recovering them.
  That would require you not only steal the password hash file but also the software used to create that file, including the salt, etc.
  No. The context of this subthread was that using the same password on two separate systems would give the owners of one of the systems access to the other. Presumably, they won't need to "steal" anything, as they already control both the relevant data and software.
  
  Yahoo runs nothing but Linux
  
  If the only boxes they have are forward pointing webservers, then this link is relevant. That is obviously not the case.
  
  They would have had to intentionally bypass Linux security basics and roll their own to end up in such a mess.
  Intentionally bypass? Please. Of course you don't create operating system level users for users in your web app. They are way too much overhead for that. Of course they (and everybody else that provide web services of some sort) "roll their own" user system.
  Storing passwords in plain text is still inexcusable of course, but the rest of your post is nonsense.
  
  --
  May we live long and die out
13. Re:TRWTF by The+Mighty+Buzzard · 2012-08-03 00:35 · Score: 1
  
  Pffft, how hard is it to remember a password like 'God damnit!!1! What the fuck was my password for ?'? No, I don't use that specifically but it's 50+ characters and is unique to each site. And since every unsalted eight or less character password can be cracked in an hour or so by anyone with the hash, no, your eight character password is not remotely enough.
  
  --
  Violence is like duct tape. If it doesn't solve the problem, you didn't use enough.
14. Re:TRWTF by Anonymous Coward · 2012-08-03 01:05 · Score: 0
  
  I really hope nobody ever listens to you when it comes to security.
15. Re:TRWTF by Anonymous Coward · 2012-08-03 01:10 · Score: 0
  
  Honestly, if you create a system account for every user of each web app you have, I'd rather have Yahoo run my thing than you.
16. Re:TRWTF by AmiMoJo · 2012-08-03 01:18 · Score: 1
  
  Rainbow tables won't help if the salt was properly implemented. Rainbow tables can only cover one salt per table, and normally each user has their own salt value. So you would need one table per user, making them pointless.
  What does usually work against large salted hash leaks is a dictionary attack. On average you can crack maybe 50% of passwords in a few hours with a GPU and suitable dictionary. Password length is not that important beyond maybe five characters, avoiding words (or common variations of words) in the dictionary is.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
17. Re:TRWTF by Hotawa+Hawk-eye · 2012-08-03 02:00 · Score: 1
  
  It would take 631 thousand years to crack just one of my passwords - and considering you may need to crack at least one other before you got to that one, I would say, go ahead and try - I'll wait...........
  Or you could crack the password via social engineering, by doing something like setting up a website that asks people to enter their password and indicates how long it would take to crack that password .... Sometimes the weak link in the chain is technological, sometimes it is sociological.
18. Re:TRWTF by Tom · 2012-08-03 03:01 · Score: 1
  
  Because nobody has ever thought about properly seeding hashes...
  
  --
  Assorted stuff I do sometimes: Lemuria.org
19. Re:TRWTF by Tom · 2012-08-03 03:13 · Score: 2
  
  It is *always possible to recover* a password.
  No, it is not. You need go back to Cryptography 101.
  A properly seeded hash using a proper cryptographic one-way hash function is impossible to revert using todays and any technology within the forseable future. It's not a matter of raising CPU powers by a few orders of magnitude, but by a couple billion orders of magnitude.
  
  Heck, you can reverse engineer hashing algorithms by just making a bunch of passwords then recovering them.
  The proper term is rainbow tables, and they don't work for good salts because you need one table per possible salt value, meaning with 2 bytes you need 65k rainbow tables. If that frightens you, use 4 bytes for the salt and you need 4 billion rainbow tables. Good luck.
  
  Public-key crypto has been around how long?
  Someone has eaten a buzzword. :-)
  Public-key crypto is not any more (nor less) secure than one-way hashing. Properly applying the appropriate crypto is what matters.
  
  Bottom line, reusing a password is negligent on your own part.
  Welcome to the real world, where people have dozens of accounts. Since we request password policies that are insane from the human memory perspective POV, very few people can reasonably be expected to remember more than 2 or 3 of those Sc8OOlB1hu0Bj%7 beasts you have the choice between re-use or storing it somewhere (paper or password manager). Both of these approaches have their own security issues.
  disclaimer: I am an IT security professional.
  
  --
  Assorted stuff I do sometimes: Lemuria.org
20. Re:TRWTF by icebike · 2012-08-03 03:42 · Score: 1
  
  The shadow password scheme there, tested, maintained, and general purpose in nature. You can use it for any purpose. It's not just for system accounts.
  Ssh identification is over kill for your average forum login. While it might be useful for mail systems, it's not common to use it for such, even in the Unix would.
  
  --
  Sig Battery depleted. Reverting to safe mode.
21. Re:TRWTF by X0563511 · 2012-08-03 03:50 · Score: 1
  
  Things like keepass make it very easy to use unique 30-character strong passwords for every site or service.
  Of course, if someone gets your database you're in trouble. Better make sure you invested in a superbly strong passphrase on that thing (which you should be able to, no longer having to remember other passwords)
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
22. Re:TRWTF by Anonymous Coward · 2012-08-03 04:10 · Score: 0
  
  But (as you indirectly said yourself) you don't need to find the right password. You just need to find a password that has the right hash value.
  It doesn't matter that my password is "correct horse battery staple", if my password has the same hash as "".
23. Re:TRWTF by Khyber · 2012-08-03 05:33 · Score: 1
  
  This is my face when sites insist on using a hash instead of AES-256 or better for encrypting/securing passwords.
  My face, look at it.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
24. Re:TRWTF by Khyber · 2012-08-03 05:36 · Score: 1
  
  "Still it will be a hard case to win because there is no law that says they have to be careful or competent."
  Negligence is easy enough to prove just by logic. In this day and age of technology, it's ABSOLUTELY inexcusable to bypass TYPICAL security measures, given what Yahoo runs and how it works by default (ie before Yahoo tinkering.)
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
25. Re:TRWTF by Khyber · 2012-08-03 05:39 · Score: 1
  
  "If a password has more entropy than the hash being used, there will be collisions that make it impossible to tell what the original password is."
  Entropy doesn't mean shit if by random chance you get it cracked on the first few tries.
  Always account for a margin of uncertainty, and for a margin of certainty.
  If you can find out how long the PW is, you've just won half the battle and Entropy in theory might not be an issue.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
26. Re:TRWTF by Khyber · 2012-08-03 05:40 · Score: 1
  
  "No, it is not. You need go back to Cryptography 101."
  Man can make it, man can break it.
  You assume humans are infallible. BIG mistake.
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
27. Re:TRWTF by Anonymous Coward · 2012-08-03 05:59 · Score: 0
  
  It is *always possible to recover* a password.
  Hate to tell you this, but it's about 90% likely that anyone with at least an undergraduate degree in mathematics has already studied the non-reversible functions that you imply don't exist. Hint: Any function that returns the same value for at least 2 different input values is non-reversible.
  --Former maths major.
28. Re:TRWTF by The+Mighty+Buzzard · 2012-08-03 06:29 · Score: 1
  
  Granted, salting passwords can be useful if done properly but we're talking about people who make a conscious decision to limit the user's pass to a pathetic size. Odds are pretty good they're still using MD5 and not salting at all.
  
  --
  Violence is like duct tape. If it doesn't solve the problem, you didn't use enough.
29. Re:TRWTF by Tom · 2012-08-03 06:43 · Score: 2
  
  You really need to go back to some basics.
  The strength of good cryptography lies exactly in that not one but many men, and not just any but the top experts in the field have been trying to break it - and have failed. A crypto algorithm is considered strong exactly if there are no known attacks against it that are significantly faster than brute-force, despite said experts looking for one. All the major ciphers in use today have withstood at least one, usually several decades of attempts to break them.
  Is it theoretically imaginable that tomorrow, someone will publish something that drops the strength of a major cipher by at least a thousand orders of magnitude? Well, it is not impossible in the sense that FTL travel is, but it is about as unlikely as the existence of the famous teapot in orbit around Jupiter.
  Nobody in the academic field of cryptography assumes humand infallability. Like any academic field, new discoveries will be made. However, just like in physics we will certainly improve upon, say, the theory of gravity, and modify the formulas to be more precise, but nobody sane gives a significantly different from zero probability to a complete falsification of gravity these days.
  Likewise, there will certainly be more weaknesses found in say, the SHA family (we already know a few), which will provide attacks that are ten or even a hundred times faster than brute-force. SHA-1, for example, is considered broken by the cryptographic community. That is mathematically broken - you can crack it in a billion years instead of the trillion years that a brute-force would require. That is the dimensions we're talking about. Find another weakness in SHA-1 and make it a thousand times weaker, and you are still far beyond anything that will matter in our lifetimes.
  You are assuming that there is a real "crack", a crucial weakness that will enable a practical attack, instead of a theoretical. Those things happen - Deep Crack - but they don't happen suddenly, they don't happen unexpected, and by the time you and I hear about them, the people who actually work in cryptography think of it as yesterday's news.
  We already have SHA-2 which you can use if you don't think SHA-1 is secure enough. And we're working on SHA-3. It's not like encryption would stand still while people attack it, you know?
  
  man can break it.
  Check this history of SHA-3, and how many candidates were rejected for which reasons. That should give you some perspective - and humility.
  
  --
  Assorted stuff I do sometimes: Lemuria.org
30. Re:TRWTF by icebraining · 2012-08-03 12:03 · Score: 1
  
  You do if you want to access other website in which the user may have used the same password, because the wrong password won't hash to the right value when the salt is different.
  
  --
  Dilbert RSS feed
31. Re:TRWTF by icebraining · 2012-08-03 12:06 · Score: 1
  
  You didn't understand parent's post.
  What parent said is that if the password has more entropy than the has, you can't know if you "cracked" it or not, because there's more than one password that results in the same hash.
  
  --
  Dilbert RSS feed
32. Re:TRWTF by gVibe · 2012-08-03 17:29 · Score: 1
  
  Only gullible people fall for those websites or any social engineering ploy. Not everyone who thinks they are good at social engineering really are as good as they think. The truth is their targets are probably just gullible and are easily fooled anyway. I'll just say it...if you can socially engineer me, and get some really valuable information about me...then you are good at social engineering - period!
  
  --
  Keywords for the NSA overthrow oppressive regime true believers marathon Manhatten the financial district blueprints I
33. Re:TRWTF by fatphil · 2012-08-04 19:36 · Score: 1
  
  >> It is *always possible to recover* a password.
  
  > No, it is not. You need go back to Cryptography 101.
  
  > A properly seeded hash using a proper cryptographic one-way hash function is impossible to revert using todays and any technology within the forseable future. It's not a matter of raising CPU powers by a few orders of magnitude, but by a couple billion orders of magnitude.
  
  You need to go back to Mathematics 101. These functions have a brute force work factor of between about 2^160 and 2^512, or about 10^50-10^150. Related problems which are currently tractible have work factor about 10^20. Therefore an increase of between 30 and 130, not "a few billion", orders of magnitde would put make a preimage attack feasible.
  
  --
  Also FatPhil on SoylentNews, id 863
Whats this in terms of weeks and quality gpu's? by AHuxley · 2012-08-02 17:07 · Score: 0

How is this done with better pw's and well thought out networks?
Weeks with 10 top brand gpus ie small system?
Weeks with many many networked "10 top gpus" systems?
Or the classic inside out decryption ie one person with a laptop and hacking skills?

--
Domestic spying is now "Benign Information Gathering"
Image of Trust by Penurious+Penguin · 2012-08-02 17:10 · Score: 5, Insightful

Because Yahoo and other similar services pimp the image of being both sophisticated and virtually omnipotent, while offering to manage your affairs, organize your life, provide targeted news headlines and personal suggestions regarding your personal life, and then covertly subpimp your personal data while indifferently and deeply mining your grazing habits -- I think this lawsuit is, compared to others, reasonable, if a lawsuit without grievous injuries or loss can even be so.

Not everyone has a degree in IT. Perhaps instead of guerrilla advertisement, Yahoo (and other similar services) could cough up at least a token effort for their cattle, I mean customers. Maybe they could reserve some extra ad-space to discourage unknowing subjects from having shared passwords. Maybe they could do a lot more in general, and a lot less too, in a good way.

I sympathize with neither side in this case, but can empathize with only one. Altruism, despite modern Goliaths, doesn't always need an ulterior motive. Yahoo preys on the sea of humanity, and a few minnows nip back. Pardon me whilst I desiccate myself with tears.

--
Forward! -- Emperor Norton, 2012
I'm just a simple caveman... by gubon13 · 2012-08-02 17:46 · Score: 2

I'm sure there will be many valid points made about how utterly irresponsible it is to use the same username and password on both your email account and "financial" sites, and also about how terrible Yahoo! is for making very little effort to make amends to their customers whose privacy they clearly don't value... And sure, this lawsuit will likely tie up the court system and waste thousands, possibly millions of taxpayer dollars... And maybe Yahoo! will ultimately be required to send each of those 450,000 users a $10 voucher for food in the Yahoo! cafeteria... ...but I think we're all missing the elephant in the room here - Yahoo! is still around?
1. Re:I'm just a simple caveman... by AttyBobDobalina · 2012-08-03 00:46 · Score: 1
  
  Agree with the above - Let's have a little disclosure here - more than likely, the attorneys representing the plaintiff are schooling in fashioning class action lawsuits. This "plaintiff" is likely a stand-in until the attorneys move to certify the class. If allowed by the court, the case will settle for $X millions, with the attorneys taking their 1/3 contingency. If the class is not certified, the case will go away. In the end, I suspect the attorneys here are little different than your common patent troll.
same password isn't the only problem... by CheshireDragon · 2012-08-02 18:19 · Score: 1

Using a lame password was also the problem. I am not sure if it was on /. too, but I saw it on another news site where they showed the passwords. I think it was more than 80% of the passwords used were dictionary words and weren't even m0dif1ed.

https://xkcd.com/936/ ...yeah :/

--
"That's right...I said it."
Very simple (Re:I'm just a simple caveman...) by Anonymous Coward · 2012-08-02 18:41 · Score: 0

for making very little effort to make amends to their customers whose privacy they clearly don't value
You, and many others I'm sure, have mistaken Yahoo!'s users for the customers. The users are not customers, they are the product. The customers are the folks who want the user's private information. And it's not just Yahoo! that is doing it.
Yahoo is lying it was 744000 accounts by Anonymous Coward · 2012-08-02 20:28 · Score: 0

450,00 HAHAHAH
Come on yahoo tell the truth, it was 744,000, that's what i counted.
I can post the paste bin url if you all like....
shame yahoo shame!
Re:same password = fux0rd by Anonymous Coward · 2012-08-02 20:42 · Score: 0

If I want to risk my life doing skydiving, that's my choice. If I want to risk my life rolling down a steep slope without protection, that's my choice. Sure, some choices the government takes away from us, trying to protect us from ourselves, but generally it's seen as pretty basic truth that we all get to choose our own level of safety in life. This man chose his level of safety, choosing the level of risk to himself and his finances and data that he could accept...
Now, you might enjoy it, but I'm pretty sure it's illegal to give random strangers a parachute and throw them out of the aeroplane, shouting after them "Just pull the handle, you'll be fine!"
This is what yahoo did, they gambled with the security of their users, and they lost. The fact that some of the users might be skilled skydivers who have their own parachutes (i.e. never reuse a password) doesn't really matter. Or did the terms of service specifically say "we're not going to bother encrypting your passwords, so the duty to secure this account is entirely on you, the user"?
The company is most culpable by gtcodave · 2012-08-02 21:53 · Score: 1

Yeah yeah yeah, you can all say the user is stupid for using the same password on multiple sites. /careface
Yahoo still lost 400000 passwords and coming from a corp that not on. End of storey. The way many big companies handle user data is complete bs and there's no arguing that.

--
-- David
I wouldn't blame the man. by Elminster+Aumar · 2012-08-03 00:59 · Score: 1

If someone wants to use the same password for every website, he / she should be able to without fear of having their information stolen. If some organization or company decides to make your personal information accessible through the internet, who are you (or anyone else for that matter) to tell any other person what password to use to access this information? If someone can't use the same password for multiple websites / applications / whatever, then it's clear to me that passwords are antiquated. What's there to debate again? And if you take the pragmatist's side of the road on this, then your entire point is moot before it leaves your brain because the pragmatist would see that while using a unique password may increase the likelihood of having secure information, it doesn't eliminate risks entirely, no matter how strong the password(s) is/are. We're reaching a point in all this where passwords just don't pass muster anymore, especially when there's no standard password input form across multiple websites. It's a joke and what's even funnier is how people are blaming that guy for using the same password across different websites--something, of which, I'd love to know how everyone became privy to, by-the-way...
Software engineers should take some responsibility by fufufang · 2012-08-03 01:56 · Score: 1

If a company built a bridge and it collapsed, that company would be likely to face lawsuit and fine. Engineers take safety and security seriously, so should software engineer.
Banks by phorm · 2012-08-03 03:04 · Score: 1

Sadly, banks are often the worst for this.
8 character limit, alphanumeric only. No special characters. No spaces.
Maybe this is to tie into some archaic infrastructure, but whatever the reason it seems those that should prefer the strongest passwords instead often require the weakest.
Re:Software engineers should take some responsibil by Anonymous Coward · 2012-08-03 03:15 · Score: 0

Sure, But what is the bridge was intentionally blown up by a malicious person or group?
Negligence by Tarlus · 2012-08-03 03:49 · Score: 1

Using the same password for multiple accounts is a negligent user behavior, though I'd say that storing hundreds of thousands of passwords in clear text wins as being vastly more irresponsible.

--
/* No Comment */
You forget one big thing. by seeker_1us · 2012-08-03 03:54 · Score: 1

Yahoo is an OpenID provider.
he'd win if I were deciding the case by davidwr · 2012-08-03 04:33 · Score: 1

But he'd only win for damaged caused by misuse of HIS YAHOO account and of accounts access through HIS YAHOO login, such as newspaper-comment accounts that allow Yahoo-account-based logins.
But as for his eBay account, sorry, unless the bad guys used his Yahoo account to do a password-reset or password-retreival of his eBay account, that's on him.

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
bike & briefcase lock analogy time by ffflala · 2012-08-03 05:39 · Score: 1

...after his eBay account, which used the same password as his Voices account, was compromised.
Analogy: Jeff Alan from New Hampshire decides to use the same numerical combination on both his briefcase and his bike lock. A thief watches Jeff pedal up to a cafe, lock his bike, and grab a table. The thief easily shoulder surfs the briefcase lock combination. On a hunch, the thief walks outside and tries the same combination on the Jeff's bike lock. It works, and the thief makes off with Jeff's bike. Jeff Alan from New Hampshire then sues the briefcase company for negligence, and demands that they replace his bicycle.

I will be very surprised if this case makes it past the pleading stage.
No, actually... by Anonymous Coward · 2012-08-03 05:59 · Score: 0

Reverse-engineering a hashing algorithm won't allow you to derive a password from a hash. At best you could derive a large collection of possible passwords from a hash, and even doing that is a lot harder than it sounds.
That is exactly what makes hashing different than encrypting.
I saw these accounts used to distribute malware by davecason · 2012-08-03 06:59 · Score: 1

The cost of this is broader than the affected users. Almost every person that the affected people had ever emailed got sent a bad email with a link to an exploit kit.

We all need to do better with passwords from storing them to using them more than once. I'd like a SSO-like two factor authentication where each person can pick both parties. That would get more players out of the password storing game, but we would be centralizing our risk. And not everyone can afford a randomized idea like SecurID on one side... And 2 independent players can't verify that you didn't foolishly use the same password with each. So, I'm still looking for better ideas, but I would be immediately happier w/ more options and fewer lawsuits.