
There are a few issues.

A number of hacks involved downloading the database of some websites. Usually this involves defeating the operating system that runs the website (or a server in the same datacenter) and FTPing the database away. Now the thieves have every username and every password, and can log in and abuse the system as needed.

People tend to use the same username/password combination everywhere they go. In the early days of Everquest, there were a number of websites set up just to harvest usernames and passwords, and about 5% of the EQ userbase used the same username/pwd as their game accounts. Steal one forum database (which probably explains the efforts to crack vBulletin and phpBB), or set up your own honeypot, and harvest a number of game accounts to loot and plunder. This applies to other games as well, not just evercrack.

The reason for the love of hashing is that it is one-way. There isn't any feasible method for reversing it. While things like rainbow tables can make crackers' lives easier, it still puts the burden on them.

Backup tapes get lost. Crooked employees have been known to sell access, account info, or whole dumps of DBs. External opponents aren't the only threats; you have malevolent and stupid internal threats to deal with as well.

http://www.csoonline.com/article/print/480589

http://www.csoonline.com/article/print/479038
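Added example (mine, not code posted by either commenter) illustrating the hashing point above: a dumped table of fast, unsalted hashes falls to a table precomputed once from a wordlist, whereas a per-user salt plus a slow KDF (PBKDF2 here) makes that table worthless and forces the attacker to redo the work for every account. The wordlist, usernames, passwords and the iteration count are all constructed for the demo.

```python
"""
Constructed demo: precomputed-table attack on unsalted SHA-1 password
hashes versus per-user salted PBKDF2. Nothing here is from the original
thread; wordlist, users and work factor are assumptions for illustration.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Constructed wordlist standing in for the attacker's dictionary.
WORDLIST = ["password", "123456", "letmein", "qwerty", "dragon", "hunter2"]

# Constructed "leaked" accounts; two use passwords that appear in WORDLIST.
USERS = {"alice": "hunter2", "bob": "dragon", "carol": "Tr0ub4dor&3"}

# PBKDF2 work factor (assumed value; tune for the deployment's hardware).
ITERATIONS = 100_000


def unsalted_hash(password: str) -> str:
    """Legacy scheme: one fast, unsalted hash per password."""
    return hashlib.sha1(password.encode()).hexdigest()


def build_lookup_table(wordlist) -> Dict[str, str]:
    """hash -> plaintext, computed once and reusable against every dump."""
    return {unsalted_hash(w): w for w in wordlist}


def crack_unsalted(dump: Dict[str, str], table: Dict[str, str]) -> Dict[str, str]:
    """dump maps username -> unsalted hash. Each hit costs one dict lookup."""
    return {u: table[h] for u, h in dump.items() if h in table}


def hash_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Returns (salt, derived_key); a fresh 16-byte salt per user unless given."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, dk


def verify_salted(password: str, salt: bytes, expected: bytes) -> bool:
    """Constant-time comparison so verification itself does not leak."""
    _, dk = hash_salted(password, salt)
    return hmac.compare_digest(dk, expected)


def crack_salted(dump: Dict[str, Tuple[bytes, bytes]], wordlist) -> Tuple[Dict[str, str], int]:
    """dump maps username -> (salt, derived_key). No table helps: every
    candidate is re-derived per user. Returns (recovered, kdf_calls)."""
    recovered, calls = {}, 0
    for user, (salt, dk) in dump.items():
        for w in wordlist:
            calls += 1
            if verify_salted(w, salt, dk):
                recovered[user] = w
                break
    return recovered, calls


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    legacy_dump = {u: unsalted_hash(p) for u, p in USERS.items()}
    print("unsalted, cracked via lookup:", crack_unsalted(legacy_dump, table))

    salted_dump = {u: hash_salted(p) for u, p in USERS.items()}
    found, calls = crack_salted(salted_dump, WORDLIST)
    print("salted, cracked by brute force:", found, "after", calls, "KDF calls")
```

The weak accounts still fall in both cases; salting does not rescue a password that is in the attacker's wordlist. What changes is the cost: the unsalted dump is cracked with one lookup per row against a table built before the breach, while the salted dump needs a fresh KDF run per candidate per user, which is the "burden" the comment above refers to.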



These are all good points and I agree with you completely.

I think I haven't explained myself well. Firstly I made the mistake of saying "plaintext" when what I really meant was "recoverable", i.e. encrypted but not hashed. I would never suggest that passwords be stored in plaintext, protected only by operating system and DB passwords. I didn't make that clear and I think I've deservedly gotten some heat for it.

All I am trying to say is that with enough effort, data can be secure, or secure enough. In my job I store customers' credit card information. This must be in a recoverable form. If it leaks I am dead and probably so is the company. Nothing is perfect but I have gone to a lot of trouble and I have reasonable confidence in my efforts.

Same goes for server private keys, financial records, etc. All of it is "ring 0" secure data and extraordinary efforts are made to keep it that way.

I do not actually store user passwords currently, but I know people who do. I have similar confidence in their precautions and skill. Obviously it can be done badly, just like hashed passwords can be implemented badly. But if done properly, I stand by my assertions that storing user passwords in a recoverable format can be no greater a risk than any other part of the system, and no easier or more likely an attack.

I have harped on about this enough, but I'd just like to point out two more things - one, if people enter the same login details to a honeypot then nothing can save them, and two, that crooked employees can circumvent the hashing anyway, either by sniffing inside SSL or just inserting a logging hook. Relying on hashes to thwart crooked employees is folly and could breed complacency.

Hashing passwords is a security layer, nothing less and nothing more. A site's security relies on the skill and care of its architect and staff, not on any single hot topic buzzword. Right, that's enough on this topic. Thanks for the thoughtful reply.



