Re: 2.4.22-pre7: are security issues solved?
From: John Bradford (john_at_grabjohn.com)
Date: 07/23/03
- Previous message: Martin Diehl: "Re: Promise SATA driver GPL'd"
- Maybe in reply to: Aschwin Marsman: "2.4.22-pre7: are security issues solved?"
- Next in thread: root_at_mauve.demon.co.uk: "Re: 2.4.22-pre7: are security issues solved?"
- Reply: root_at_mauve.demon.co.uk: "Re: 2.4.22-pre7: are security issues solved?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Jul 2003 13:56:14 +0100 To: davem@redhat.com, herbert@gondor.apana.org.au
> > If I know your password is 7 characters I have a smaller
> > space of passwords to search to just brute-force it.
>
> It's much smaller if you didn't know that it was at most 7 characters
> long. However, if you did know the upper bound, or you were just
> brute forcing all passwords starting from 1 character, then the
> difference is relatively minor. This is because
>
> n + n^2 + n^3 + n^4 + n^5 + n^6
>
> is much smaller than n^7 where n is something like 62 for a reasonable
> password.
>
> So if your password was broken using this method, then it's probably
> too short anyway.
One time passwords are much more secure.
John.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Previous message: Martin Diehl: "Re: Promise SATA driver GPL'd"
- Maybe in reply to: Aschwin Marsman: "2.4.22-pre7: are security issues solved?"
- Next in thread: root_at_mauve.demon.co.uk: "Re: 2.4.22-pre7: are security issues solved?"
- Reply: root_at_mauve.demon.co.uk: "Re: 2.4.22-pre7: are security issues solved?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
