When a company asks for your personal information, there’s a reasonable expectation that the private info it collects will be stored securely. There are techniques like “hashing” and “salting” (more on those in a moment) that let companies do essential tests like validating login information without exposing passwords in an easy-to-read-and-maybe-even-steal format. Unfortunately, the latest chapter in the Facebook security issues saga that has been unfolding in slow motion for the last few years exposed hundreds of millions of passwords in plain text format to thousands of internal employees.

What happened?

Passwords are sensitive information, so they’re typically stored using cryptography to obscure their true nature. Hashing is a technique that effectively makes the password info stored by the companies useless if stolen (and means that internally, employees can’t see it, which is a good thing). Salting adds another level of security to the hashing process by adding an extra string of characters to the original password at the beginning of the process. In this case, however, these Facebook passwords were stored in plain text, which means anyone with access to them could read, understand, and even use them if they wanted.

Are you affected by the bug?

Facebook has already issued a statement about the problem, but if your specific account was included in the database, you’ll get a notification soon letting you know about it. According to the statement, the bulk of those affected was on the Facebook Lite platform, which is a scaled-down version of the service designed for use in areas where bandwidth is limited. That segment accounts for “hundreds of millions” of compromised accounts, whereas typical Facebook users represent “tens of millions.”