Security in programming is insanely difficult to achieve. In this video, we take a look at a class of attacks called “Timing Attacks” that use the amount of time that it takes a server to respond in order to gather secret information from the server. Not all servers are susceptible (common popular ones are not when properly configured), but if you don’t know about timing attacks, one you write might be!

Note: For those wondering why I did not include discussion of a slow_equals to thwart the attack, I decided not to because this is a bandaid on the larger problem that the server shouldn’t have even stored your password in the first place. Only hashes should be stored.
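As an added illustration (not code from the video or its repository), the sketch below counts comparison steps instead of measuring time to show why an early-exit check on a stored plaintext password leaks how much of a guess is correct, next to a verifier that stores only a salted hash. The function names, the constructed sample secret, and the choice of PBKDF2-HMAC-SHA256 are assumptions made for this example.

```python
import hashlib
import hmac
import os


def naive_equals_steps(secret: str, guess: str) -> tuple[bool, int]:
    """Early-exit comparison. The step count stands in for response time."""
    if len(secret) != len(guess):
        return False, 0          # even the length check is observable
    steps = 0
    for a, b in zip(secret, guess):
        steps += 1
        if a != b:
            return False, steps  # work done depends on the matching prefix
    return True, steps


def leak_profile(secret: str, guesses: list[str]) -> list[int]:
    """Steps performed for each guess: the signal a timing measurement exposes."""
    return [naive_equals_steps(secret, g)[1] for g in guesses]


def make_record(password: str, iterations: int = 100_000) -> dict:
    """What the server stores: salt, cost and digest, never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify(record: dict, guess: str) -> bool:
    """Hash the guess, then compare digests without an early exit."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", guess.encode(), record["salt"], record["iterations"]
    )
    # A partially correct guess yields an unrelated digest, and
    # compare_digest does not stop at the first differing byte.
    return hmac.compare_digest(candidate, record["digest"])


# Constructed sample data for the demonstration.
SECRET = "hunter2!"
GUESSES = ["xxxxxxxx", "huxxxxxx", "huntxxxx", "hunter2!"]

if __name__ == "__main__":
    print("steps per guess (naive):", leak_profile(SECRET, GUESSES))
    record = make_record(SECRET)
    print("hashed verify:", [verify(record, g) for g in GUESSES])
```

With the hashed verifier, the work done per request no longer tracks how many leading characters of the guess are right, so response time carries no prefix information.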

Source code: https://github.com/mCodingLLC/VideosS…

Subscribe: https://www.youtube.com/c/mCodingWithJamesMurphy/featured

#security

Time to Hack - Cracking Passwords Using Only Timing Information