Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

a) Basically the cracker acquires access to parts of LinkedIn's database that store user login details, including scrambled versions of passwords. Unfortunately, the algorithm used to do the scrambling is easy to undo. Since the dump is/was being circulated in the underground, anyone with a copy of it and a little bit of time can presumably unscramble the whole list, revealing all passwords stored at the time the dump was generated. Given that so many use the same login/password for multiple sites...

b) There is software (intrusion detection systems/software, or IDS) that does that, but it is rarely present by default. The hows and whys of IDS can be difficult for non-security types to grok, and it can be costly in terms of time, equipment, and money, so it often not encountered.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: