Archive for June, 2009

Reasonable, appropriate, adequate…security (Part I)

Tuesday, June 30th, 2009

Most laws define security obligations as reasonable, appropriate, suitable, necessary, adequate etc. without giving more precise directives to follow. Is it good or bad? And what should be known about these standards?

Let’s see what major security standards say about recommended security measures.

(more…)

Thunder Tables – now registered trademark

Monday, June 29th, 2009

Good news over here! We’ve got a nice and shiny registration certificate from the United States Patent and Trademark Office. Now our Thunder Tables have their (R) sign.

 

Click to enlarge

 

As you know Thunder Tables allow guaranteed decryption of Adobe PDF and Microsoft Word documents, check the link to get a detailed description: http://blog.crackpassword.com/2009/05/thunder-tables/

Password Recovery Tools Are Legal In Germany

Wednesday, June 24th, 2009

 When we meet our customers at trade fairs in Germany, we are always asked questions about legality of our tools. The reason for this is that German law on so-called “hacking tools” is very strict. At the same time the wording of the respective paragraphs is unclear and ambiguous.

On Friday, German Federal Constitutional Court dismissed a complaint of an entrepreneur that production and distribution of tools for capturing traffic data is against the law. The judges said that the constitutional rights are not violated by the use of “hacking tools” (§202a-202b). According to the court decision, legal penalty applies only in the case when the software was developed with illegal intent in mind. “Double-purpose” tools that are designed to be used by law enforcement and IT security officers are not regarded illegal.

Special thanks for Florian Hohenauer for sending us the link.

Intel Larrabee, AMD Llano: when?

Tuesday, June 23rd, 2009

According to NordicHardware, Sapphire Or Zotac Might Launch Larrabee. No further information on Larrabee yet, though; as we already wrote, the Larrabee lauch date is set to 2010. The only news from Intel so far is about i3, i5, i7 CPU naming system: Lynnfield, Clarksfield, Arrandale, Clarkdale; besides, Intel plans shipments of 32nm ‘Clarkdale’ in Q4.

What about ATI? Nothing really new so far; but here is some info on Llano chip; also, in AMD blog, and at Tom’s Hardware: ATI Stream: Finally, CUDA Has Competition.

Squeezing your First Amendment rights

Tuesday, June 23rd, 2009

In the city of Bozeman (the US) it is…pardon, was “acceptable” to require user credentials to your personal mailboxes and other social networking accounts, when applying for a job. What for? For “a thorough background check”. (more…)

AMD Phenom II 42 TWKR Black Edition is the new black

Friday, June 19th, 2009

The world is waiting for the specifications of currently most powerful processor – AMD Phenom II 42 TWKR Black Edition aka Formula 1. They say it has an unlocked clock multiplier for ease of overclocking, though consumes 200W and thus requires good cooling. One of the pictures on the website of Maingear PC founder and CEO (Wallace Santos) has a not-for-sale-note which caused a gossip that the new processor is not meant for retail, but probably for direct selling from AMD to “extreme enthusiasts”.

So, let’s wait together for a detailed description. :)

The U.S. statutes on password related crimes – overview by states

Thursday, June 18th, 2009

In this entry I’d like to suggest a kind of a list of various legal decisions on password [ab]use I could find on the web. Your add-ins are welcome, just put in any other acts you know…

Georgia Computer Systems Protection Act
(e) Computer Password Disclosure. Any person who discloses a number, code, password, or other means of access to a computer or computer network knowing that such disclosure is without authority and which results in damages (including the fair market value of any services used and victim expenditure) to the owner of the computer or computer network in excess of $500.00 shall be guilty of the crime of computer password disclosure.
(more…)

ATI’s Hall of Fame

Thursday, June 18th, 2009

ATI Stream Developer Showcase enrolled our Elcomsoft Wireless Security Auditor in its security section, among other “notable applications” that use ATI Stream technology:

http://developer.amd.com/SAMPLES/STREAMSHOWCASE/Pages/default.aspx#security

Yet another pleasant morning news :)

 

Keyboards unreliable for keeping… transmitting secrets

Tuesday, June 16th, 2009

Time for shoulder surfing is gone, today we have more sophisticated ways to track what you are typing on your keyboard. A series of appearing keyboard attacks yet again prove its incapability of keeping secretes. Let’s see what we have…

(more…)

More than 100.000 websites are in ‘safe hands’ now

Wednesday, June 10th, 2009

The Register reports VAServ.com has been attacked and now more than 100.000 websites have gone forever because of company’s poor password policy. The attackers are unknown and Rus Foster, (former?) VAServ.com director claims that anonymous messages indicated nonexistent passwords. I wouldn’t like to sound sarcastic but their description at AboutUs.org reads quite funny now, what do you think?