On Sun, 13 Dec 2009 04:09:37 +0100 Ian G wrote:
Has it ever been broken? Has anyone lost anything?
Define broken as used in this context.
Security is a risk-based business, not an absolute science.
In order to measure risks we generally have to either ground it in a
business->threat->security model that indicates future dangers that will
by experience cause us to cut them off before they happen; OR, show
that now there are losses / damages / breaches.
The former would be like, if 40 bit crypto was in place in SSL-protected
retail sites, we'd expect real-time eavesdropping of credit cards from
wireless hotspots by the year 20xx. The latter would be like, in 20yy
we saw N cases of people losing $zzzz because their password was
crunched. E.g., we have all these figures in various guises for
phishing, data breaches, bank breaches.
So in absence of that, I'd say it ain't broken. Don't fix it :)
Another way of saying it is, in the absence of a clear and present
danger to our users, it is slightly brave to ask the protocol, standards
and developer communities to do all the work required to make a new
version happen.
If you use a short enough
password it's trivially breakable.
Doesn't that apply, regardless?
iang