Mark Dalby

Fighting Ignorance since 1986 (It’s taking longer than I thought).

Advertisement

Posts Tagged ‘ password ’

iPhone lock-screen password app pulled

June 16, 2011 | No Comments | Security

http://www.flickr.com/photos/auntiep/3421549383/

Apple has removed a third-party application that was gathering user-submitted lock-screen passwords for what its creator claims were research purposes.

The software, dubbed “Big Brother Camera Security,” was created by developer Daniel Amitay to serve as an alternative to Apple’s lock-screen security.

Users could run it when leaving their iPhone or iPod Touch unattended, and the application would require an iOS-style passcode to resume. If a user entered the incorrect password, the software would take a photo of that person, and if the app was exited, an alarm would sound.

A side feature, added by Amitay in the most recent software update, began sending him user-entered passcodes, which were anonymized. Amitay on Monday posted the results of that data, which was made up of 204,508 recorded passcodes, to show what some of the most common passwords were. The move did not go over well in Cupertino. “Got a call from Apple last night regarding the removal of Big Brother from the App Store,” Amitay wrote in a blog post today. “Apparently, Apple believed that I was ‘surreptitiously harvesting user passwords,’” Amitay wrote.

Tags: 
Apple
Software-Programming
Source: 
CNet News

HITBSecNews – Keeping Knowledge Free for Over a Decade

Share Your Netflix Password, Go to Jail?

June 3, 2011 | No Comments | Security

http://www.flickr.com/photos/asurroca/3221169909/

Have you shared your Netflix, Hulu Plus, or Rhapsody password with a friend? While it might seem harmless, this type of activity could now land you in some legal trouble in Tennessee.

Gov. Bill Haslam this week signed a bill that would make it illegal to share your password on subscription-based entertainment services like Netflix, Pandora, or Hulu Plus. As the AP explained, the bill is intended to stop hackers who sell batches of passwords, but it could extend to the average user who lets friends or family members watch a movie using their Netflix login or listen to music streams on Rhapsody.

“What becomes not legal is if you send your username and password to all your friends so they can get free subscriptions,” bill sponsor Rep. Gerald McCormick, a Republican, told the AP. The bill, H.B. 1783, was first introduced in February and signed by the governor on Monday. It goes into effect on July 1. Violations that involve services valued at $ 500 or less will be classified as a misdemeanor and involve a $ 2,500 fine and up to a year in jail. It would be considered a felony if the value is between $ 500 and $ 1,000, or if it’s the person’s second offense.

Tags: 
Security
Law and Order
Source: 
PC Mag

HITBSecNews – Keeping Knowledge Free for Over a Decade

GPU is brilliant tool for password cracking

June 2, 2011 | No Comments | Security

http://upload.wikimedia.org/wikipedia/commons/thumb/4/44/6600GT_GPU.jpg/625px-66

While many are touting the GPU as brilliant for supercomputing, it seems that one bloke is suggesting they are really good for bruteforce guessing Windows passwords.

Writing in his bog , Vijay Devakumar, from Chennai, India, said that while GPUs were used only for getting graphical output, rendering frames in games and other purposes related to graphics, people are now realising that GPUs are far more efficient at handling highly parallel tasks. But the difficulty is working out a good way to code graphic cards.

There is a natty free password hash cracker called ighashgpu which was developed by Ivan Golubev. Devakumar used his Radeon 5770 to crack passwords really quickly. He demonstrates hacking a Windows logon passwords. He does a comparison with another popular and free security tool Cain & Abel which uses the CPU. A password with five characters took Cain 24 seconds to crack the password at the rate of 9.8 million passwords/sec. But ighashgpu found it in less than one second it tried 3.334 billion passwords before hitting the right one.

Tags: 
Security
Hardware
gpu
Source: 
Tech Eye

  • Share/Save

HITBSecNews – Keeping Knowledge Free for Over a Decade

Updated rogue AV installs on Macs without password

May 26, 2011 | No Comments | Security

A new version of rogue antivirus malware that targets the Macintosh operating system does not need victims to type in their administrator passwords to install and infect the machine, a security company said today.

The latest version of the malware has been overhauled to look like a native Mac OS X application and is using the application name MacGuard, according to an Intego blog post. But particularly concerning is the fact that unlike previous versions, which were dubbed Mac Defender, MacProtector, and MacSecurity, MacGuard installs itself without prompting for the admin password.

“If Safari’s ‘Open safe files after downloading’ option is checked, the package will open Apple’s Installer, and the user will see a standard installation screen,” the antimalware company’s post says. “If not, users may see the downloaded ZIP archive and double-click it out of curiosity, not remembering what they downloaded, then double-click the installation package. In either case, the Mac OS X Installer will launch.”
Hack In The Box

Sony Shuts Down PSN Briefly Due to Flood of Password Resets

May 17, 2011 | No Comments | Security

Sony was forced to shut down the PlayStation Network for half an hour early Monday morning after its networks were inundated by customers trying to reset their passwords.

“We’re currently experiencing an extremely heavy load of password resets, so we recently had to turn off services for approximately 30 minutes to clear the queue,” wrote Nick Caplan, head of communications, at the Sony PlayStation EU blog. “If you’ve requested your password reset, please give it a bit of time to reach your email.”

On Saturday, when Sony began restoring its online services to millions of users in the Americas, Europe, and Australia (but not Japan), Sony said customers would have to wait for an email with a link to reset their passwords before being allowed back into the PlayStation Network. Unfortunately this process has been bogged down with delays, with customers awaiting the email lashing out on Sony’s blogs, forums, and social networks.
Hack In The Box

The best password is a sentence, says expert

May 9, 2011 | No Comments | Security

These days anyone could be watching you, monitoring your every move, waiting to pounce and poach passwords to access your personal data.

“There are new attacks every day, we see something like 90,000 new pieces of malicious codes coming into our labs every day — that’s one every second,” said Graham Cluely, Senior Technology Consultant at the software security company, Sophos.

“The main motive to all of this is to make money,” he added. “They want your email passwords so they can begin to commit identity theft and raid your bank accounts. The most common passwords are words that you find in the dictionary like “password,” “tablecloth” or even the name of a football club. Cluely dismissed these types of passwords as rubbish.”
Hack In The Box

LastPass Password Troubles: What Happened?

May 6, 2011 | No Comments | Uncategorized

News ≈ Packet Storm

Accessing your Router to change the WEP key.

October 11, 2009 | No Comments | Hacking, Hardware, Security, Software, Uncategorized

I seem to do this quite a lot for people,  So I’m thinking it’s time to write some instructions.

Take the following scenario….

I’ve forgotten the Wireless password for my router (WEP / WPA Key).

Ok first up, if your on Sky or O2 broadband there is a sticker under your router so stop being a *#!@$ and do a little manual investigation before googling.

If the sticker is non-existent then follow the below…

  1. Plug your computer into your router via a cable (of get on a computer that already has the WEP key installed and is connected)

  2. Open your browser of choice (Firefox, Chrome, Safari). If this happens to be Internet Explorer…
    • STOP!
    • Turn off your device.
    • Run a nice cold bath.
    • Chuck it in

      • You don’t deserve to use a computer!!!

  3. Type the following into your web browser… http://192.168.1.1 or if that doesn’t work try http://192.168.1.254

  4. A pop up box should come up asking for a username and password.. this is normally username: admin password: password.  If for some reason this doesn’t work go to http://www.routerpasswords.com/ to get your password.

  5. Now once you have logged in you should see a category that says something along the lines of.. “Wireless Security” or sometimes just “Wireless” click on that and voila! there is your WEP Key.

note: there are occasions where the above addresses don’t work, if this is the case please add a comment and i’ll get you the relevant address.

Happy Hacking,

Mark

Get Adobe Flash playerPlugin by wpburn.com wordpress themes