Hacker News new | past | comments | ask | show | jobs | submit login

I reported an issue about them using SHA1 for password storage years ago. I was insulted and attacked personally, called a spammer, blocked, etc. So I washed my hands of the project, when I was considering it for a project at work. (I looked at password security first...)

It's funny, but the dev's response has since "disappeared". Still some ignorance in the thread (thinking that multiple layers of SHA1 was safe) but hopefully history has vindicated my position at that time.

Never use OpenCart for anything. There's no point, when you'll be insulted and unsupported. And don't work with the owner/contributor: https://github.com/danielkerr

There's quite a few "fun" OpenCart issues listed here whoever is interested: https://github.com/nikolas/github-drama

The dev is indeed really incompetent for behaving like that.

I love how in the password hashing one he first says something like "ok doesn't look too hard to do X" and then shortly after "I'm closing this, its a waste of time". Wow.

Also, his response here is amazing: https://web.archive.org/web/20160120051637/https://github.co...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact