Archive for March, 2009

EFS-Encrypted Data Recovery

Tuesday, March 31st, 2009

The Encrypting File System (EFS) was first introduced in Windows 2000 and, as Microsoft claims, is an excellent encryption system with no back door.

However, the most secure encryption can be ambiguous. It would efficiently prevent hackers and other illegal intruders from breaking into your system and getting access to your well-encrypted data. The other side of the coin is that both a regular user and a seasoned administrator can lose important data due to unforeseen circumstances. It is also the case with EFS.

Check out the success story on how EFS-encrypted data can be recovered (the PDF is 81 Kbyte) with Advanced EFS Data Recovery.

Teach Yourself Secure Passwords

Monday, March 30th, 2009

lifehacker has started a series of posts on choosing and using secure passwords. Few days ago they published a list of handy tips from their readers on how to create passwords you can rely on. One of the readers admitted that in a company he works for IT administrators require password change every 30 days and

it just results in workers picking the easiest password that meets the requirements – as in a MM/YYYY-style password.

Sounds like it’s time to rethink password policies. What are your ideas?

AutoINcomplete

Thursday, March 26th, 2009

Have you ever had to say sorry because you’ve sent an e-mail to a wrong person? Isn’t it an embarrassing situation? Hopefully it wasn’t a confidential e-mail otherwise you may get into trouble. After all it’s typical of all of us. You’ve simply made a stupid blunder to enter a wrong address…or to use AutoComplete. Such things may trigger some unpleasant consequences which is actually a minimal harm AutoComplete can incur.

AutoComplete is just another exiting feature that can save your time. It is designed to accelerate computer interactions, facilitate the working process, and spare you the necessity to type in the whole text. Though it was initiated for user’s convenience, AutoComplete represents an ominous threat to the security of your sensitive data.
(more…)

Pen Testing with Distributed Password Recovery and GPUs

Thursday, March 19th, 2009

The German c’t magazine (issue 06/09) has published an article about cracking of NTLM-hashes with graphic cards. In this article pen test experts from SySS GmbH bring up a touchy question of how fast an intruder can break into your system. How long should your Windows logon password be, so that you could keep having your beauty sleep?

Elcomsoft Distributed Password Recovery was run on dual-core AMD Athlon X2 4850e, 2.5 GHz, with Nvidia GeForce 9800 GTX installed. The cost of the test system is worth the effort. One can fetch it for only $1K.

Now, what is the outcome?
(more…)