You are currently browsing the Del DeVries weblog archives for July, 2003.
July 23. 2003 by Del.
Improvements in cracking passwords or encrypted data will continue to push the envelope - limited only by processing power, memory and creativity.
“NEW METHOD CRACKS PASSWORDS IN SECONDS
A senior research assistant at the Swiss Federal Institute of Technology’s Cryptography and Security Laboratory has published a paper outlining a way to speed up the process of cracking alphanumeric Windows passwords to only 13.6 seconds on average. The previous average time was 1 minute, 41 seconds. The new method uses massive lookup tables to match encoded passwords to the original text entered by a person, thus reducing the time it takes to break the code. ‘Windows passwords are not very good,’ says researcher Philippe Oechslin. ‘The problem with Windows passwords is that they do not include any random information.’ The only requirement for the cracker is a large amount of memory in order to accommodate the lookup tables. The larger the table, the shorter the time it takes to crack the password. Users can protect themselves by adding nonalphanumeric characters to a password, which adds another layer of complexity to the process. Any cracker would then need more time or more memory or both to accomplish the break-in. For more information on Oechslin’s method, check out {{the post inserted below}} (CNet News.com 22 Jul 2003) ”
Source: NewsScan Daily: July 23, 2003
LASEC: Search Results
Making a Faster Cryptanalytic Time-Memory Trade-Off
Philippe Oechslin
Published:
To appear in Lecture Notes in Computer Science (Proceedings of Crypto’03)
Abstract:
In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory. This technique was improved by Rivest before 1982 with the introduction of distinguished points which drastically reduces the number of memory lookups during cryptanalysis. This improved technique has been studied extensively but no new optimisations have been published ever since. We propose a new way of precalculating the data which reduces by two the number of calculations needed during cryptanalysis. Moreover, since the method does not make use of distinguished points, it reduces the overhead due to the variable chain length, which again significantly reduces the number of calculations. As an example we have implemented an attack on MS-Windows password hashes. Using 1.4GB of data (two CD-ROMs) we can crack 99.9% of all alphanumerical passwords hashes (2^37) in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used.
Posted in Uncategorized | Print | No Comments »
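The trade-off the abstract describes, and Oechslin's point that the hashes carry no random information, as an added example (not code from the paper or from this weblog). It builds a toy table with fixed-length chains and a different reduction function in each column, then shows that the same password hashed with a salt is no longer found. The 4-digit PIN keyspace, SHA-256 as the hash, the chain parameters and the salt value are all constructed for illustration.

```python
import hashlib

CHAIN_LEN = 50    # t: hash steps per chain (the "time" side)
N_CHAINS = 600    # m: chains kept in memory (the "memory" side)
SPACE = 10_000    # constructed toy keyspace: 4-digit PINs

def H(pw, salt=""):
    """Fast hash, unsalted by default (SHA-256 as a stand-in)."""
    return hashlib.sha256((salt + pw).encode()).digest()

def reduce(digest, col):
    """Map a digest back into the keyspace, differently in each column."""
    return f"{(int.from_bytes(digest[:8], 'big') + col) % SPACE:04d}"

def walk(pw, first_col, last_col):
    """Apply hash-then-reduce for columns first_col .. last_col - 1."""
    for col in range(first_col, last_col):
        pw = reduce(H(pw), col)
    return pw

def build_table():
    """Keep only endpoint -> start points; chain interiors are thrown away."""
    table = {}
    for i in range(N_CHAINS):
        start = f"{(i * 17) % SPACE:04d}"
        table.setdefault(walk(start, 0, CHAIN_LEN), []).append(start)
    return table

def lookup(table, target):
    """Return the PIN whose unsalted hash is target, or None on a miss."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        # Guess that target sits in column col, then walk to the chain end.
        end = walk(reduce(target, col), col + 1, CHAIN_LEN)
        for start in table.get(end, []):
            pw = walk(start, 0, col)      # rebuild the chain up to col
            if H(pw) == target:           # discard false alarms
                return pw
    return None

def coverage(table, step=50):
    """Fraction of every step-th PIN that the table can invert."""
    pins = [f"{n:04d}" for n in range(0, SPACE, step)]
    return sum(lookup(table, H(p)) == p for p in pins) / len(pins)

if __name__ == "__main__":
    t = build_table()
    print("stored chains:", N_CHAINS, "of", SPACE, "PINs")
    print("sampled coverage:", coverage(t))
    print("unsalted 0017 ->", lookup(t, H("0017")))
    print("salted 0017   ->", lookup(t, H("0017", salt="a1b2")))
```

A table like this is only valid for one hash function with no per-user input, which is why a random salt stored beside each hash forces the precomputation to be redone per salt.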
July 21. 2003 by Del.
Open source Bayesian filtering of email to learn to catch all your SPAM.
POPFile - Automatic Email Classification: “POPFile automatically sorts your messages and fights spam. ”
Also at Source Forge
July 21. 2003 by Del.
Open source software tools to access Yahoo email. Free email is a good thing but problems eventually occur with space on the server for “sent” and “saved” emails. This is a potential solution.
YahooPOPs! :: Free POP3/SMTP access to Yahoo Mail!: “YahooPOPs! is an open-source initiative to provide free POP3 and SMTP access to your Yahoo! Mail account. YahooPOPs! is available on the Windows and Unix platforms.
YahooPOPs! emulates a POP3/SMTP server and enables popular email clients like Outlook, Netscape, Eudora, Mozilla, IncrediMail, Calypso, etc., to download and send emails from Yahoo! accounts.”
July 19. 2003 by Del.
“‘VIRAL MARKETING’ STOOPS TO NEW LOW
Internet security company Sophos is warning of a new marketing scheme reported by its Australian tech support team, which tricks users into visiting a Web site featuring free comic video clips and then installs software that sends out e-mails from their computers to people listed in their address book. The Web site, run by Curacao-based Avenue Media, uses ActiveX to display a humorous video clip and at the same time downloads an additional software component called ‘Internet Optimizer’ onto the PC, which then sends the e-mails. Peter Ducklin, head of technology at Sophos’ Asia Pacific division, says: ‘What tricks a lot of people is that the ActiveX control which kicks the process off is digitally signed. Many users assume that a program which has been signed in this way is automatically both trustworthy and desirable. Ironically, even though Internet Explorer presents a ’security warning,’ many people treat this as some kind of a ’security approval’ and are more inclined to go ahead.’ (ZDNet Australia 16 Jul 2003)”
Source: NewsScan Daily: July 17, 2003
July 19. 2003 by Del.
“HOW DO YOU MEASURE COMPUTING CONSUMPTION?
‘We’re looking for that single unit of measurement that will be the tech industry’s equivalent of the kilowatt,’ says Bernardo Huberman, a director at Hewlett-Packard’s research laboratories. Identifying and agreeing on such a unit is essential to the future success of the much-hyped initiative called ‘utility computing,’ touted by tech giants HP, IBM and Sun Microsystems. Currently, the three companies offer a jumble of pricing schemes for their utility-computing offerings, but all agree that finding a simple and standard way to measure and charge for computer use would enable the nascent market to really take off. At HP’s labs, researchers have coined the term ‘computon’ — a mix of ‘photon’ and ‘computation’ — to describe the unit, but coming up with exactly what a computon is, isn’t as easy. The problem is that unlike a kilowatt, a computon can’t be a strictly scientific quantity. It must cover aspects such as data-storage capacity and processing power, and must be flexible enough to accommodate the evolving needs of customers. ‘Ten to 20 years from now, you might see computing companies as closer to the electrical utility of today,’ says Nick van der Zweep, HP’s director of utility computing. ‘Tech companies will have big computer-processing generation stations all over the world, and there may be meters on everybody’s houses measuring how much computing power they use.’ (Wall Street Journal 17 Jul 2003) ”
Source: NewsScan Daily: July 17, 2003
July 19. 2003 by Del.
It had to happen eventually - the movement of very public hacks of computer networking to the backbone of the internet: Cisco. Microsoft has been beaten and abused over the years over security issues. Ok, so maybe that is what it took to get them to ship server software with defaults for “some” security rather than “no” security!!
“YESTERDAY A MICROSOFT FLAW, TODAY A CISCO FLAW
Cisco, which makes communications routers and switches, has found a flaw in its software that could be used by network vandals to cause widespread outages; the company has released a free patch to fix the flaw in its Internetworking Operating System. No vandals have exploited the vulnerability up to this point, and Cisco says: ‘We literally have people working around the clock right now to get this situation taken care of.’ According to the company, the vulnerability could only be exploited by sending a ‘rare sequence’ of data packets to a device running IOS, the equivalent of Windows for routers and switches. (AP/San Jose Mercury News 17 Jul 2003) ”
Source: NewsScan Daily: July 18, 2003
July 19. 2003 by Del.
More news of the linkage between technology and humans. I’m not sure if these are advances or …? Someday we’ll figure out the privacy implications, advantages of the technology, etc. Until then these types of news releases will cause concern on the privacy front, wonder for the technocrats, and mild amusement for everyone else.
“IMPLANTABLE MICROCHIP STRIKES A CHORD IN MEXICO
Palm Beach, Fla.-based Applied Digital Solutions, maker of the implantable VeriChip, is targeting consumers south of the border, where people see the tiny devices as a possible new way to thwart crime. The microchips, which are available in the U.S. as well, are implanted under the skin and can be used to link to information on identity, blood type and other information housed on a central computer. In Mexico, citizens hope the tiny devices could prove one more weapon in the arsenal needed to combat a rising wave of kidnappings, robberies and other crimes. The Mexican company in charge of distribution says it hopes to implant 10,000 chips in the first year and ensure that 70% of all hospitals contain the technology necessary to read the chips. Company officials say they are working on developing a similar technology that would use satellites to locate people who’ve been kidnapped, an application that is popular with Mexicans, but has raised privacy concerns in the U.S. (AP 18 Jul 2003) ”
Source: NewsScan Daily: July 18, 2003
July 18. 2003 by Del.
Interesting visual information about the internet.
Adding a link /// Internet Traffic Report: “The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.”
July 18. 2003 by Del.
Interesting column which seems to reach the same conclusions that I have about reasons to blog. I’m interested in following up on these ideas - looking for further improvements in efficiently handling information. Particularly the RSS feeds — I’ve had that documentation printed out for about 3 months now and haven’t really read it yet! I think that the actionable idea is to convert from an email push to a web feed push. Similar but different - but how? Benefits? Disadvantages? Stay tuned.
SecurityFocus BASICS Columnists: Blogs: Another Tool in the Security Pro’s Toolkit: “Blogs: Another Tool in the Security Pro’s Toolkit (Part One)
By Scott Granneman Jul 16 2003 09:11AM PT
My name is Scott, and I’m an information addict.
I’ll admit, I love information. No, make that I love and need information. If you’re interested in keeping up with trends and changes in security, you’re probably an information addict as well. You absorb security-related information and then ponder, examine, and analyze it before reshaping it in a way that helps protect your data, your systems, and your networks.”
July 17. 2003 by Del.
This is the css used in my web blog. There are great references and information sources here for making changes. In general this is a very clever method for web page layout.
glish.com : CSS layout techniques: “CSS Layout Techniques: for Fun and Profit”
“Look Ma, No Tables.
If you are looking for help making the transition to CSS layout (that’s Cascading Style Sheets), you’ve come to the right place. I am cataloging here as many useful cross-browser CSS layout techniques as I can find, and some that I made up when I was bored last Thursday. All the examples on this site have been reduced to only their essential code, and you will find the source displayed on each page to hopefully make it quick and easy to understand the inner workings of the CSS. Feel free to steal all the code you find on this site, and consider linking back here on your site or in your source comments.
You will also find below links to various online CSS resources and tutorials, appropriate for both the novice and the seasoned CSS veteran.
I started this collection because of the dearth of resources I found out there when I went looking for information on how to translate typical table based layouts to CSS layouts. I know it is not nearly exhaustive, so if you see that there is something missing, whether it is a particularly good tutorial, or a site that is using a complex CSS layout, please let me know about it. I will pay you $3750 for each link you submit that I use.
If you don’t have any idea why anyone cares about this topic, because like tables can do all that stuff and more, please read this: To Hell with Bad Browsers. And then read this follow up interview with Zeldman. And then read about the Web Standards Project’s Browser Upgrade campaign. The future is bright, kids!”