[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Lame security software



In showing a co-worker why a lot of the cryptographic software
out there is really bad to use, I found one of the worst examples
I've ever run across, and I'm in a sharing mood today. For those
Mac users out there, get ahold of Norton Partition, which ships
with Norton Utilities 2.0. I was demoing the only way it should
be counted on for anything, and then not much, by setting up a
non-automounting DES encrypted soft partition. I chose the password
'cheesetoast', and explained why this was a bad choice, etc. Well,
upon mounting the disk to demo something else, I misstyped 'cheeseto "
(that last character is a space), and whad do you know, it mounted. I
suspect it checks a hash of the first eight characters, tossing the
rest, but don't have time to check and see if that is the case.

Happy ending - My coworker then asked "What is that PGP think again?"


-j
--
"Blah Blah Blah"
___________________________________________________________________
Jamie Lawrence                                  <[email protected]>