Considering a (new) AMD/ATI or NVIDIA video card for password cracking with Wireless Security Auditor or Distributed Password Recovery (to get the most from GPU acceleration technology — at an affordable price)? Read the Best Graphics Cards For The Money: May ’09 at Tom’s Hardware. I especially like the Graphics Card Hierarchy Chart.
Archive for May, 2009
Tom’s Hardware has tested two mainstream NVIDIA cards (GeForce 9600 GT and GeForce 9800 GTX) on several CUDA-enabled applications. The applications were:
- CyberLink PowerDirector
- Tsunami MPEG Encoder
- Super LoiLoScope
AMD has hit another megahertz milestone record today. In fact, this is ATI Radeon HD 4890 card, overclocked to 1 GHz at the factory (normally, it runs at 850 MHz); surprisingly, air cooled (I thought that water cooling would be needed).
Today’s businesses are very mobile. Sometimes you don’t even need to have a conventional office, it becomes virtual, it is always with you in your mobile phones, netbooks and laptops. Such mobile mini-offices stuffed with corporate documents and reports, partners’ data, confidencial correspondence, access passwords are in danger of being stolen, both virtually and physically. You can try to protect your laptop using laptop security cable locks but what if it was stolen? Let all your information go into adversary’s hands? Do you _really_ think that your Windows logon password is an impenetrable barrier for the adversary? Have you heard of Elcomsoft System Recovery? You still think your laptop is secure because you have BIOS password and/or partial drive encryption? Read an article by Kevin Beaver ‘Securing corporate data on your laptops’ , take off rose-colored glasses and revise your laptop security as suggested in Kevin’s step-by-step outline.
Probably you’ve already heard about this vicious circle thousand times:
Requiring that passwords be long and complex makes it less likely that attackers will guess or crack them, but it also makes the passwords harder for users to remember, and thus more likely to be stored insecurely. This increases the likelihood that users will store their passwords insecurely and expose them to attackers.
So, how to work out an appropriate password policy? Need help? Find some tips in NIST (The National Institute of Standards and Technology) study, GUIDE TO ENTERPRISE PASSWORD MANAGEMENT (DRAFT), which “has been prepared for use by Federal agencies”, but also “may be used by nongovernmental organizations on a voluntary basis”.
Here are some nuggets from the paper:
• Organizations should review their password policies periodically, particularly as major technology changes occur (e.g., new operating system) that may affect password management.
• Users should be made aware of threats against their knowledge and behavior, such as phishing attacks, keystroke loggers, and shoulder surfing, and how they should respond when they suspect an attack may be occurring.
• Organizations should consider having different policies for password expiration for different types of systems, operating systems, and applications, to reflect their varying security needs and usability requirements.
Do you have something to add? So, review and revise it freely – the paper is not subject to copyright. 😉
If you are going to purchase a new computer (or make it yourself), you should definitely think about graphics — for CAD/CAM, gaming, searching for extraterrestrial intelligence at home or password cracking. Of course, thinking of budget, too. I hope you’re already aware of NVIDIA SLI which allows to use multiple video cards, but how a single dual-GPU compares to two single-GPU ones? Read GeForce GTX 295 Vs. GTX 275 SLI: When Two Are Better Than One.
There is a few, so I’ll put ’em all into a single blog post 🙂
First, Phoenix Technologies announced a program (for Windows XP/Vista) to link mobile phones with computer. But no, this is not about data transfer between the phone and PC. Indeed, this is a security system: walk away from your computer, and it will lock automatically; when the user returns, the program will automatically unlock the system. Of course, using Bluetooth (what else? :)). More details on Phoenix Freeze web site.
Second, Researchers take over botnet, grab 56,000 passwords an hour. Actually, this is not a very fresh idea (to steal the passwords using the malware). More important: the researchers found that most users reused passwords for multiple sites. I can guess that there are even some users who have the same passwords for accessing web sites (from pet lovers forum to online banking) and critical business data. So instead of breaking your PGP Disk container (which is really secury, even with our GPU acceleration), someone can just get the password saved by your browser. You’re warned.
And finally, just a funny story: Creative passwords only useful if you can remember them. Btw, how many cats do you have? 😉
Highly recommended: Burned, Dropped, Drowned: HDD Recovery In Pictures. I hope that you will not encounter into such situations, though :).
Another "funny" story about hard disks: US missile launch data on eBay hard drive.
Btw, if you’re looking for good disk/file recovery software, I can recommend you Handy Recovery (this is not an advertisement!). Simple, fast, cheap, and very effective. I’ve used it (personally) several times — it really works even when most of the other similar tools fail.