@jubes Another reason to : 100 million debit/credit card users leaked from Amazon's credit card processor (who foolishly used AWS to store the data):

@resist1984 @jubes According to the article most of the actual card info was hashed; here's hoping they didn't use MD5 or something...

@gerowen @jubes I guess the critical question is how much of it was hashed. If just 4 digits were hashed, it would be trivial to hash and compare 10,000 combinations.

@jubes @gerowen I'm assuming all hashes are designed to be fast and simple to compute... at least, I've not heard of hashes that are deliberately computationally slow.

@resist1984 @jubes @gerowen bcrypt, for instance, is designed to be slow ("bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower", en.m.wikipedia.org/wiki/Bcrypt ). So are proof-of-work functions.

@resist1984 @jubes That's true, and part of the article said the last 4 were visible, which leaves 12 unknown numbers, presumably hashed and hopefully salted as well. Depending on what information was stolen, they might have the salt. Some numbers can also be guessed because certain card types have different patterns. I've noticed when entering card info it'll auto detect Visa/MC before I finish typing. If you know it's MC and have the last 4...
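
An added worked example, not part of any post in the thread: it counts how many 16-digit card numbers remain possible once the last four digits (and optionally a leading brand digit) are known, then compares the time to exhaust that space at a fast-hash rate and at a bcrypt-like rate. The guess rates, the prefix "4" and the last four "1234" are constructed assumptions, not figures from the article.

```python
from itertools import product

def luhn_valid(pan: str) -> bool:
    """Luhn checksum that every payment card number must satisfy."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def unknown_digits(prefix: str, last4: str, length: int = 16) -> int:
    n = length - len(prefix) - len(last4)
    if n < 0:
        raise ValueError("known digits exceed card length")
    return n

def candidates(prefix: str, last4: str, length: int = 16) -> int:
    """Count Luhn-valid numbers consistent with the known digits.

    Inside the Luhn sum each digit position is a bijection on 0-9, so
    exactly one in ten completions of the unknown digits passes.
    """
    n = unknown_digits(prefix, last4, length)
    if n == 0:
        return int(luhn_valid(prefix + last4))
    return 10 ** (n - 1)

def brute_count(prefix: str, last4: str, length: int = 16) -> int:
    """Same count by enumeration; only sensible for a few unknown digits."""
    n = unknown_digits(prefix, last4, length)
    return sum(luhn_valid(prefix + "".join(mid) + last4)
               for mid in product("0123456789", repeat=n))

def seconds_to_exhaust(count: int, guesses_per_second: float) -> float:
    return count / guesses_per_second

# Assumed guess rates for illustration only (not measurements).
FAST_HASH_RATE = 1e9   # fast general-purpose hash, assumed
SLOW_HASH_RATE = 1e4   # bcrypt-like adaptive hash, assumed

if __name__ == "__main__":
    # Constructed inputs: last four "1234", optional brand digit "4".
    for prefix in ("", "4"):
        c = candidates(prefix, "1234")
        print(f"prefix={prefix!r:4} candidates={c:.0e} "
              f"fast={seconds_to_exhaust(c, FAST_HASH_RATE):.0f}s "
              f"slow={seconds_to_exhaust(c, SLOW_HASH_RATE) / 86400:.0f}d")
```

A salt that is known alongside the hashes does not change these counts; it only means the work has to be repeated for each record.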
