Hi Ang,

Nice to see you on this mailing list. Long time no see. Thanks for the
complete info. Have been busy nowadays. What I learned from this incident is:

1) Don't use the same password for different email accounts, websites, etc.
2) Update your encryption to use the latest technology
3) Always change your password (yeah, we are lazy to change it, same with me)
4) Keep updated on any latest security announcement or app

From the OWASP point of view, OWASP has some guidelines for system admins, us
developers or security engineers regarding web application security:

1) OWASP Enterprise Security API <http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API>
2) OWASP Application Security Verification Standard Project <http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project#tab=Home>
3) OWASP Web Application Firewall <http://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls>
   (Already presented by Alex Tan - Extol Malaysia on 4th OWASP Meetup)

Hope it may help. Just pray to god to get lucky :)

On Wed, Dec 15, 2010 at 7:56 PM, Ang Chin Han <[email protected]> wrote:

> Surprised not posted yet, but plenty of lessons to be learnt:
>
> http://www.codinghorror.com/blog/gawker-hack-release-notes.html
>
> http://en.wikipedia.org/wiki/Salt_(cryptography)
>
> See also
> http://www.reddit.com/r/programming/comments/ekpr3/gawkergizmodo_does_not_salt_their_passwords_uses/
>
> Salt your passwords, I'm looking at you Drupal 6! :(
>
> /me hypocrite
> _______________________________________________
> Owasp-Malaysia mailing list
> [email protected]
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
Regards,
Mohd Fazli Azran