SecurityRatty: tag: weak

Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example

2008-10-01 00:18:44 by Editor in Irongeek's Security Site

...Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example In a previous video I explained the basics of cryptographic hashes. Go watch " A Brief Intro To Cryptographic Hashes/MD5 " before this video. In this tutorial, Ill be giving an example of why weak hashes are bad. The example I'll be using is the CRC32 hash that Outlook...

Tags: weak, outlook, video, previous video, weak hashes, pst archives password, microsoft outlook, algorithms, crc32 hash

Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example

2008-10-01 00:18:44 by Editor in Irongeek's Security Site

...Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example In a previous video I explained the basics of cryptographic hashes. Go watch " A Brief Intro To Cryptographic Hashes/MD5 " before this video. In this tutorial, I'll be giving an example of why weak hashes are bad. The example I'll be using is the CRC32 hash that Outlook...

Tags: password, weak, outlook, video, previous video, weak hashes, original password, microsoft outlook, algorithms

Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example

2008-10-01 00:18:44 by Editor in Irongeek's Security Site

...Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example In a previous video I explained the basics of cryptographic hashes. Go watch " A Brief Intro To Cryptographic Hashes/MD5 " before this video. In this tutorial, I'll be giving an example of why weak hashes are bad. The example I'll be using is the CRC32 hash that Outlook...

Tags: password, weak, outlook, video, previous video, weak hashes, original password, microsoft outlook, algorithms

Weak security is epidemic for Feds

2008-02-13 08:18:24 by Editor in Adventures in Security

While the number of stories about incidents due to weak information security in U.S. government agencies continued to grow, there was little indication that our military was not taking care of traditional security issues--like keeping track of nuclear weapons. Well, it seems that the inability to effectively secure critical assets has spread to...

Tags: weak information security, traditional security issues, national defense, nuclear weapons, incidents due, government agencies, track, military, care

An insecurity in OpenID, not many dead

2008-08-09 01:33:39 by Richard Clayton in Light Blue Touchpaper

...weakness of SSH keys, but in practice lots of different applications were at risk ( see long list here In particular, SSL certificates (as used to identify https websites) might contain one of these weak keys and so it would be possible for an attacker to successfully impersonate a secure website. Of course the attacker would need to persuade...

Tags: openid, openid codebases, certs, weak certs, weak, openid sites, sun, suns openid website, trusts sun

Roboticsonline.com customer orders compromised

2008-01-04 14:51:08 by Evan Francen in The Breach Blog

...weak passwords are used. Using a weak (and worse yet, default) password would be a big NO NO on the administration portion of an ecommerce site. If the administrator of the site is using a strong password, then it seems more likely that the attacker exploited a vulnerability in software. The www.roboticsonline.com web site is running Windows...

Tags: secure administration site, administration site, credit card information, information, site, credit card provider, credit card, password, evan roboticsonline

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...weak algorithms with known flaws, or used in an ineffective or insecure manner. Of particular concern is the fact that virtually all cryptographic key material is permanently hardcoded in the system (and is apparently identical in all Sequoia hardware shipped to different jurisdictions Software Engineering . The software suffers from numerous...

Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system

Price is what you pay, value is what you get

2008-05-09 14:34:15 by Gunnar Peterson in 1 Raindrop

...Weak identity = weak claim = weak access control From Ross Anderson's book (2nd edition) Were I designing an online banking system now, I would invest most of the security budget in the back end

Tags: top-quality data, quality, data, weak access control, hattip andrew jaquith, information security industry, security budget, ross anderson, additional information

Wakeup Call for Risk Management

2008-09-19 10:11:09 by Burton Group in Security and Risk Management Strategies Blog

...weak password from collapse theyre not lying. Look what happened to Sarah Palins email account! Weak and straggly SoD is a problem across all critical IT systems where deperimiterization and server consolidation may be bringing down protective barriers, identity management is weak, and strong process controls (e.g., where two people must sign...

Tags: risk management, risk management debacle, risk management failure, failure, risk management realistic, business risk management, risk management models, risk, risk management situations

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo