Slashdot Mirror


Patreon Hacked, Personal Data Accessed

AmiMoJo writes: In a blog post Jake Conte, CEO and co-founder of Patreon, writes: "There was unauthorized access to registered names, email addresses, posts, and some shipping addresses. Additionally, some billing addresses that were added prior to 2014 were also accessed. We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all passwords, social security numbers and tax form information remain safely encrypted with a 2048-bit RSA key."


  1. "with a 2048 bit RSA key" by Anonymous Coward · · Score: 1, Insightful

    Erm,

    Passwords should never be encrypted. Anyone who signed up should assume their passwords are fucked, especially since the private key for decrypting them (assuming this guy even knows what he's talking about) is almost certainly in the app.

    1. Re:"with a 2048 bit RSA key" by John Bokma · · Score: 4, Insightful

      No. A password should be used as the parameter for a one-way function ("hash function") and the result should be stored. If the user logs in, the password given should be used as a parameter for the same one-way function. If the result is the same as the value stored, the password is the same. Good properties of such a hash function are that it's slow, that the probability of result values is uniformly distributed, and that similar input values don't result in similar output values.

      Because pre-calculated tables exist it's good practice to add a "salt" to the password. Otherwise one just calculates the hash value of '1234567' and looks in the results for this hash value.

    2. Re:"with a 2048 bit RSA key" by Lobachevsky · · Score: 5, Insightful

      People assume the choices are "unencrypted" or "encrypted" and conclude encrypted is better. But then they're missing hashing. Encrypted data can be undone, it can be decrypted. Any encrypted data is just waiting for the day someone can decrypt it, and if the webserver is checking passwords this way, it means it's decrypting it constantly and anyone can hijack that ability.

      Hashing cannot be undone (mathematically, it's called a one-way function). There's absolutely no way to email you your original password. That's why so many websites have a "reset password" instead, because they literally don't know your password. The webserver checks your password by hashing it and comparing that output with the old recorded value.

      You'll sometimes also hear the term "salting", which basically means the webserver doesn't hash your password directly, but first appends or prepends some gibberish to your password that's unique to that webserver and then hashes it. The advantage of salting is that two webservers won't show on file the exact same hash for the same password. That means if I spend 20 years and solve the hashes for all possible passwords, I haven't unlocked every webserver on earth, I've just unlocked 1 webserver whose salt I copied, and to crack another webserver, I'd have to redo the painfully slow exercise of brute forcing.
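The store-and-verify scheme the two replies above describe (slow one-way function, salt, compare on login), as an added example that is not from the thread or from Patreon. It assumes PBKDF2-HMAC-SHA256 as the slow function, a random salt per stored password, an example work factor, and a hypothetical `$`-separated record format.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (assumption); tune to your hardware
SALT_BYTES = 16


def _kdf(password, salt, rounds):
    """Slow one-way function: PBKDF2-HMAC-SHA256 over password and salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)


def hash_password(password, salt=None):
    """Return a storable record: scheme$iterations$salt_hex$hash_hex."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for every record
    digest = _kdf(password, salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    """Re-run the one-way function with the stored salt and compare."""
    try:
        scheme, rounds, salt_hex, hash_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        candidate = _kdf(password, bytes.fromhex(salt_hex), int(rounds))
        expected = bytes.fromhex(hash_hex)
    except (ValueError, OverflowError):
        return False  # malformed or tampered record
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def precompute(candidates, salt):
    """Table of hash_hex -> password, valid only for this one salt."""
    return {_kdf(p, salt, ITERATIONS).hex(): p for p in candidates}


def table_lookup(record, table):
    """Return the password if the record's hash is in the table, else None."""
    return table.get(record.split("$")[3])
```

A table from `precompute` only matches records that share its salt, so a leaked database with per-record salts has to be attacked one record at a time at the full work factor.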

  2. So, not protected at all by Anonymous Coward · · Score: 0, Insightful

    You don't 'protect' static data with RSA.