June 7th 2022 archive

On Tuesdays, we continue to rip on Tumblr.

This is a screenshot of me and a friend ripping on Tumblr’s “site security”. They continue to refuse to acknowledge that there was a recent data breach, or data leak, even though passwords have now been brute-forced into plain text (they did not use SHA-1 cryptography to hash their passwords, let alone salt them… and I’m not going to get into the fact that passwords hashed with SHA-1 cryptography are now easier to brute-force, that site managers should look into using higher-leveled cryptography). But it is what it is, and I tried to alert them to the problem. It’s out of my hands now. It’s not my problem. I don’t have an account on their site, so none of my data is going to continue to be compromised, especially since I use burner e-mails for fandom accounts and do not replicate passwords. However, I can’t say the same for their other users. I can’t speak for them. But even the barest of statistical analyses would have to say that some of them would have to be using professional e-mails for these sorts of things, that they were replicating passwords, or even that they were using universal passwords (in 2022 of all years, which I am not even going to get into… heh).

I mean, I tried. I really did. I truly did. I didn’t even have to say anything, but I did. They chose to ignore it.