16 comments

[ 3.1 ms ] story [ 48.5 ms ] thread
How did they find out they were hacked in the first place? This is always interesting to me as I don't think Project Euler would have some sophisticated security logging audit system in place.
The forum has returned, but OTOH when I try to log in it says it has no record of my username.
Well it's not back completely, now it's just a static site with the problem set restored. No ability to check answers or log in and track your progress.
Sad. Project Euler is pretty much useless without the problem checking feature. Anyone know a good alternative?
We changed the title to say "partly".
The part about salting confuses me. Shouldn't salting remain effective against rainbow tables even when the salting mechanism is known?
It should, and they just said "the integrity of weak passwords cannot be guaranteed" -- even the best salting cannot prevent attackers performing brute force attacks; it will be slow, but weak passwords may be cracked in reasonable time.
crypto101 says that because of how fast GPUs are at computing hashes, even using long per-user salt is now broken and you must use pbkdf2 or better yet, scrypt.
Looks like they have enabled answer checking again .