46

After seeing this app on the play store, I've officially lost faith in humanity.

Comments
  • 16
    Sorry, unless it does ROT13 and it's more powerful ROT26 variant, no sale
  • 5
    Explain why? It does what it says on the tin. Encrypts using hashes, encodes with stuff and decodes too.
  • 11
    Ummm. Hashing (like md5 n sha) is much different than encryptions. In simplistic terms they are one way encryptions. This sucks. I would take Caeser cipher over them for encryption!
  • 4
    And does people not read, about sha1, Google published nice paper recently. So sha1 as hash is not good.
  • 5
    @KeirDavis1 it hashes, it doesn't encrypt. Encrypted text is meant to be decrypted.

    Hashed data is lost foverer (in theory)
  • 3
  • 3
    @thedev didn't know md5 is also not unique (going to Google it now)

    And I agree theoretically word in data is lost. When u saw rainbow tables for sha and others i was amazed of clever brute force of decoding. Lol.
  • 2
    @thedev ye, have fun using that as encryption :) yes, it's "hard" to crack (exceptions like md5 apply), but using it for chats, is gonna be APITH
  • 3
    @FinlayDaG33k not hard to crack if you have rainbow tables.
  • 7
    @yendenikhil would be a shame if I salted it :D
  • 1
    @FinlayDaG33k you hash your bank password 😂😂😂
  • 1
    @FinlayDaG33k I didn't get it when you said "salted it".
  • 2
    @yendenikhil your loop hash with a salt. 1024 times.
  • 1
    Anyway that app is shit
  • 6
    Yeah let's encrypt something with a "Secure HASHING Algorithm" wtf also according to Google you can crack md5 with a smartphone in 30 secs
  • 3
    @SHA-256 you are the next target...
  • 2
    @SHA-256 about md5 send me the link please
  • 2
    @yendenikhil You're thick. Just because a hash algorithm has had a collision, doesn't mean it's now useless?

    Technically hashing is an unreversable encryption so get the fuck off your high horse.
  • 3
    @KeirDavis1 if hashing algorithm have collisions then I would call it useless. The job of the hash is to confirm the integrity ubiquitously. And the collisions create confusions. In such case how is that hash useful?

    And in my first comment I mentioned that these are not encryption algorithm but hashing algorithm which is one way encryptions. Though, again you are careful in commenting and mentioning "technically they are un-reversable", they can be reversed by rainbow tables (that is one way I know of, and that to somewhat limited) What's wrong in this?

    And saying fuck off, are you compensating for something? Would have loved the complete logical argument than pms ing especially in such forum. Lol. Give your counter argument or as you said eloquently "fuck off".
  • 2
    @KeirDavis1 that escalated quickly.

    Why tf you getting mad???
  • 1
    @rantOverflow yet everyone expects an encrypted information to be decrypted...

    Not an hashed information...

    When you tell her to encrypt. She will think of the real encrypt (she probably doesn't know hash exists)

    So you call it hash or encrypt you are always talking about a new idea, call it hash. Let encrypt (the old idea) stay encrypt...
  • 1
    @rantOverflow with your logic you will give 90% rants on this forum down votes. We are in tech savvy community on devRant. So pointing out wrong things is fun.
    Also if you are app developer then you are in somewhat technical background and can't compare with granny.

    I don't work in security domain still I know these basics.

    It is like some other rant posted where the pic of hacking movie where windows media player was shown (clip of gibberish as actual hacking). Why shouldn't it make you laugh?
  • 1
    @thedev

    "The collision attacks against MD5 have improved so much that, as of 2007, it takes just a few seconds on a regular computer."

    https://en.m.wikipedia.org/wiki/...

    The 30 secs for md5 on a smartphone was taken from the shattered pic from Google(attached below)
  • 2
  • 1
    @SHA-256 thanks mate
  • 1
    @thedev Youre welcome.

    I added the pdf link to the infographic
  • 0
    @rantOverflow At least you understand where I'm coming from.

    If I asked half of these guys what exact parts of a car are, theyd probably have no clue but a mechanic would laugh at their responses. They need to understand that not all people know about everything in every sector.

    They need to realise they may be somewhat talented in programming, but not necessarily in the social or sympathetic area.

    Just shows how 'smart' they are. It's why we're developers in the first place. We know the programming because they don't. Otherwise we wouldnt have a fucking job.

    Fucking grow a pair and go learn the ins and outs of a car and then come talk to me.
  • 3
    @KeirDavis1 there are two cases to my mind now:

    - you own the app: In which case sorry, our comments a purposely rude to make the conversation go. Nothing personal (though change the description)
    - you made the same mistake as him: I'm sorry that you think we act as non-social guy, but programming is somehow an exact science. Some stuff are what theh regardless of whether you knew it or not. So you know, I'm dev for 6 years, I stopped calling hashing encrypting only 2 years ago. (You can still find my old code commenting "encrypt the password" while talking about md5). Though, they are different, it's a fact. Let's educate the public rather than comforting them in their mistake.

    To finish, dude, devRant is full of strong word, "idiots", "useless" and "kill it before it spread". Don't take it personally.

    We are quite nice here actually. We are just outspoken.

    Let's make peace.
  • 0
    @yendenikhil I'm pretty sure Google just found a hash collision. And wouldn't all hashing algs have collisions.
  • 0
    @CCTrollz By definition they should not collide. For unique content the hash should be unique. And yes google did found out the hash collision about SHA1 long time back. Recently they found the way to create the collisions deliberately. They are advocating to get rid of SHA1 for important things like signing TLS certificates for few years already.

    https://security.googleblog.com/201...
  • 1
    @CCTrollz The SHA-1 collision was already discovered in 2005 by Rijmen and Oswald(Wikipedia article about SHA-1)

    Just recently google managed to actually get a collision
  • 0
    Lmao, sha-1, known attacks since 2005,deprecated by NIST in 2011 and somehow people still use it
  • 1
    @yendenikhil
    The purpose of the hash is supposed to represent the original data but not be reversible. If I send you a hash there is no way for you to look at that hash and do anything to reverse it to get the data it represents. That is, you can't derive the content it represents from the hash.
    Also, Rainbowtables are a predefined set of data which are passwords and their respective hashes contained in a file that allows you to compare the hashes in the rainbowtable to the hash being "attacked". If there is a match then it spits out the password that matches that respective hashes.
    Creating hashes of passwords and comparing it against a hash to find the matching data (passwords) is not reversing the hash it's simply computing a hash (in Rainbowtables the hashes are computed before hand) and comparing the hash to the hash you are trying to "crack" or "attack".
Add Comment