Total Tests:

Troy Hunt open-sources Have I Been Pwned engine

By Admire Moyo for ITWeb
Tuesday, August 11, 2020

Data breach and record exposure search engine Have I Been Pwned (HIBP) is going open source.

Huge contribution

Ilia Kolochenko, founder and CEO of Web security company ImmuniWeb, comments: “Maintaining a database such as Have I Been Pwned is a titanic effort, and Troy Hunt definitely improved the modern Internet by attracting everyone’s attention to the skyrocketing problem of data breaches and leaks affecting everyone in our society.

“It’s still a bit unclear who within the emerging HITB community will have access to the data of billions of stolen credentials and for which purposes. In some states, such access may be unlawful and criminally punishable under a fairly broad spectrum of circumstances.

“Otherwise, the idea to bring in community efforts makes a lot of sense, as communities like the Open Bug Bounty project have had more success compared to many commercial crowd security testing companies.”

Kolochenko says disclosing a source code may also impose certain risks; for example, attackers will have a better understanding to detect vulnerabilities in the code and potentially compromise the project.

“Vetting of the developers and security enthusiasts is not an easy task given that many cyber criminals will want to get access to the project under colour of supporting it. I hope the project will successfully reinvent itself.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential