When you make Windows XP security look good, you should be firing the programmer ASAP. Ugh Lenovo.Puppy wrote: ↑Tue Jan 30, 2018 10:40 amJust another Lenovo "Pro" software
https://www.notebookcheck.net/Lenovo-s- ... 494.0.html
https://support.lenovo.com/us/en/produc ... /len-15999
A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.
Most likely the task was given to a junior programmer without any proper process of training and code review.Thinkpad4by3 wrote: ↑Tue Jan 30, 2018 11:53 amWhen you make Windows XP security look good, you should be firing the programmer ASAP. Ugh Lenovo.
Even a Junior programmer could put it in something better than plain text. Is implementing an SHA-256 algorithm that hard? Just downloading a github library would be suffice.dr_st wrote: ↑Tue Jan 30, 2018 2:23 pmMost likely the task was given to a junior programmer without any proper process of training and code review.Thinkpad4by3 wrote: ↑Tue Jan 30, 2018 11:53 amWhen you make Windows XP security look good, you should be firing the programmer ASAP. Ugh Lenovo.
In this business doing something is often not as hard as understanding why you should do it. This understanding is what junior programmers often lack.Thinkpad4by3 wrote: ↑Tue Jan 30, 2018 3:12 pmEven a Junior programmer could put it in something better than plain text. Is implementing an SHA-256 algorithm that hard? Just downloading a github library would be suffice.
Users browsing this forum: No registered users and 44 guests
Homepage
Forum
Drivers
HMM-Manuals
MTM
Feed
