http://qs321.pair.com?node_id=785285


in reply to Status of Recent User Information Leak

I just wanted to throw out a big thank-you to the PM Gods for the time and effort they've spent responding to this situation. Maintaining the site is a thankless job on a good day, and the last few days have been more thankless than most. Just trying to shift the karma the other way a little bit.

I have donated $$$ to PM several times in the past, and now is a good time to do so again. This is a resource that I value and I encourage everyone to look past this unfortunate incident and look towards the future.

As for the whole "hashed/unhashed" debate this doesn't bother me at all. "Convenience" and "Security" are at opposite ends of a continuum and PM is not a bank. I do not blame the Devs for choosing convenience over security... anyone who did not reuse their PM password has lost exactly nothing in this incident, and anyone who did reuse their PM password on another site deserves what they get. (Anyone who used their PM password on something that matters, like a bank account, a root server, or a database, should be publicly humiliated with extreme prejudice.) This is not/should not be a big deal.

Thanks again for your time and professionalism.

Gary Blackburn
Trained Killer