Archive for February, 2010

Why you should crack your passwords

Friday, February 19th, 2010

Computer security audit

Your organization probably has a written password policy. Accordingly you also have different technical implementations of that policy across your various systems. Most of the implementations does not match the exact requirements or guidelines given in the written policy, because they cannot be technically implemented.

(more…)

New Contributor

Friday, February 19th, 2010

Per ThorsheimWe are glad to announce that we have a new contributor to our blog and we would like to introduce him to you.

Per Thorsheim is a security professional living and working in Bergen, Norway. He is currently certified CISA and CISM from isaca.org, and CISSP-ISSAP from isc2.org. You can follow him on http://twitter.com/thorsheim and read his personal blog at http://securitynirvana.blogspot.com.

New password-cracking hardware

Friday, February 19th, 2010

Some time ago we wrote about the smallest password cracking device. Not suitable for you? No problem, here is another one: not as small, but definitely more powerfull: Audi. Yes, it's a car. No, we're not kidding. Just read NVIDIA and Audi Marry Silicon Valley Technology with German Engineering press release from NVIDIA. Or if you need more information, The New MMI Generation from Audi might be also helpful. In brief: Audi A8 luxury sedan is equipped with an entertainment system that uses two GPUs from NVIDIA. We have no idea what are these chips (may be Fermi?) and is it technically possible to load our own code to them, but still funny, isn't it? :)

iPhone/iPod Backup Password Recovery

Thursday, February 4th, 2010

ElcomSoft iPhone Password BreakerToday we are pleased to unveil the first public beta of our new product, Elcomsoft iPhone Password Breaker, a tool designed to address password recovery of password-protected iPhone and iPod Touch backups made with iTunes.

In case you do not know, iTunes routinely makes backups of iPhones and iPods being synced to it. Such backups contain a plethora of information, essentially all user-generated data from the device in question. Contacts, calendar entries, call history, SMS, photos, emails, application data, notes and probably much more. Not surprisingly, such information manifests significant value for investigators. To make their job easier there are tools to read information out of iTunes backups, one example of such tool being Oxygen Forensic Suite (http://www.oxygen-forensic.com/). Such tools can not deal with encrypted backups, though.

(more…)