This is Anthony Ferrara's Typepad Profile.
Join Typepad and start following Anthony Ferrara's activity
Join Now!
Already a member? Sign In
Anthony Ferrara
Recent Activity
Since you mentioned the fractal post, you should at least read my reply to it. http://blog.ircmaxell.com/2012/04/php-sucks-but-i-like-it.html I think you miss a very key point, that sucking matters for shit when you're able to get stuff done with it. Additionally, saying nothing has changed is a bit of a ruse. Follow the internals lists, and watch what's been happening in newer releases, and you'll see that lots has been changing. Overall, just another FUD article. Sigh...
Toggle Commented Jun 29, 2012 on The PHP Singularity at Coding Horror
Very good post! I wrote almost the same post on my blog last year: http://blog.ircmaxell.com/2011/08/rainbow-table-is-dead.html One point though. Cryptographic hashes are supposed to be fast, not slow. The faster the hash, the better in that it is faster to verify the message. Otherwise, we'd be using iterated hash functions for signing data, which we're not. The primary defense against brute forcing is not the speed, but the shear size of the output space (which is why most modern hash algorithms are 256 bit or better). The speed of the function is seen as an advantage because it lets you quickly tell the validity of the message. Now, for password hashing, this speed is a negative since it's very fast to brute force an entire search space (relative to documents). And that's why iterated password hashing algorithms (such as scrypt, bcrypt and pbkdf2) exist. To make the fast hashing function slower for its uses... Otherwise, very well said... Anthony
Toggle Commented Apr 6, 2012 on Speed Hashing at Coding Horror
Anthony Ferrara is now following The Typepad Team
Apr 6, 2012