[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Meinel news article(hehe) (fwd)
---------- Forwarded message ----------
Date: Fri, 04 Apr 1997 02:42:48 EST
From: J R S <[email protected]>
To: [email protected]
Subject: Meinel news article(hehe)
Routers-
Redmond, Wa - It seems that after Microsoft squashes one bug,
another shows up.
Today, in Happy Hacker Digest, the ueber-cracker Carolyn Meinel
found another one. It relies on the fact that NT does not use good,
strong encryption. Meinel, a NSA-approached hacker turned media glutton
relied on a her mathematical skills to find the weakness.
"I was once offered a job by the NSA. I read the book _Applied
Cryptography_. I know lots of good math jokes." In actuality, it was her
cousin who was offered the job at the NSA, as he could factor numbers in
his head. Carolyn's cousin does other things, such as carry on as her in
internet IRC 'chat sessions'.
"Diffie Hellman is not secure. It has back doors in it. I mean it
is suspected to have back doors in it. I mean some guy thinks it might
have a back door in it. I wrote about it in my paper. Go read my paper."
Unfortunately, Meinel was not able to be questioned as to the name of her
paper.
With her knowledge of cryptography, Meinel was able to make a
'k-rAd x-pl0it' against the Windows NT operating system. Carolyn found
that if one has administrator access to the 'NT box' than she could
decrypt the passwords because of NT's lax cryptography. When asked about
the possibility that her exploits come out of other areas, such as
bugtraq or dcstuff, Meinel replied with "Oh, I'd say I only get %5 from
the other lists." When asked again, she came back with "Ok, well about
%lk3j3pfv;ldjf08w damn line noise anyways, the point is that I found an
x-ploit in NT that should be fixed."
Mike Nash, Director of Marketing for WindowsNT thinks differently
of though. "Even Ms. Meinel said that if you use 'really big passwords'
than decryption is not possible. If you look at the NT manuals, you will
notice that they have always cautioned to use really big passwords.
Besides, isn't this the same bug that was found last week?"
We tried to reach Meinel for comment, but she was unreachable.
Getting a straight answer out of her "is like nailing Jello to the wall,"
as one crypto-hacker put it after talking to her.
T.I.
Incubus "SunOS, the swiss
[email protected] cheese of UNIX"
...Major