Here is the MySQL UUID function: http://dev.mysql.com/doc/refman/5.0/en/miscellaneous-functions.html#function_uuid
=== 2009/10/17 Márcio Cardoso <[email protected]>: > Thank you all, the problem of pass is resolved, so now I need to discover > how the uuid of the avatar is generated . anyone have any idea how this > happens? > > Greetings, > Márcio Cardoso > > > > A 2009/10/16, às 19:34, Frisby, Adam escreveu: > > Seconded. There are other weak points which could be more easily addressed > at the current point in time; but I do expect many of those to finally get > ironed out. > > Adam > > -----Original Message----- > > From: [email protected] [mailto:opensim-dev- > > [email protected]] On Behalf Of [email protected] > > Sent: Friday, 16 October 2009 9:22 AM > > To: [email protected] > > Subject: Re: [Opensim-dev] open sim UUID and Passwordhash > > The usual warning, I'm a broken record: > > there is very little security in open OpenSim grids right now. > > Daniel Smith wrote: > > Not the best place to go over crypto 101, but for those unfamiliar > > with > > the insecurity of md5("password") by itself, you owe yourself a visit > > to > > some place like http://www.md5crack.com/crackmd5.php. It'll open > > your > > eyes quickly. > > Try "20ee80e63596799a1543bc9fd88d8878" -- it's ok, just a rabbit. > > Not > > my password. > > The point that others here are making about salt is pretty valid > > (incoming IP address + timestamp + username can be a good start). > > You'll have to store the salt somewhere, because you'll never get the > > same one again, and you'll need to add it to the users incoming pw to > > hash again and compare... > > And +1 to Adam's comment on transmission and storage requirements. > > Not > > addressing security 101 will leave you with a site incapable of > > transmitting anything (or much worse..) > > Daniel > > -- > > Daniel Smith - Sonoma County, California > > http://daniel.org/resume > > > --------------------------------------------------------------------- > > --- > > _______________________________________________ > > Opensim-dev mailing list > > [email protected] > > https://lists.berlios.de/mailman/listinfo/opensim-dev > > _______________________________________________ > > Opensim-dev mailing list > > [email protected] > > https://lists.berlios.de/mailman/listinfo/opensim-dev > > _______________________________________________ > Opensim-dev mailing list > [email protected] > https://lists.berlios.de/mailman/listinfo/opensim-dev > > > _______________________________________________ > Opensim-dev mailing list > [email protected] > https://lists.berlios.de/mailman/listinfo/opensim-dev > > _______________________________________________ Opensim-dev mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-dev
