Hacker News new | past | comments | ask | show | jobs | submit login

> 2. AES is used in CBC mode with a different IV for each account.

Depending on the actual implementation (if everything is just one encrypted blob or if individual records are encrypted separately) using the same IV for all data in one account can be pretty bad.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact