1995-12-10 - Re: Windows .PWL cracker implemented as a Word Basic virus
Header Data
From: “Perry E. Metzger” <perry@piermont.com>
To: dan@milliways.org (Dan Bailey)
Message Hash: 85a085b52600297fad2382b303f6dfad0c449a61da1cda1da9a5171590dc485f
Message ID: <199512102214.RAA22512@jekyll.piermont.com>
Reply To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
UTC Datetime: 1995-12-10 22:14:35 UTC
Raw Date: Sun, 10 Dec 95 14:14:35 PST
Raw message
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Dec 95 14:14:35 PST
To: dan@milliways.org (Dan Bailey)
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
In-Reply-To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
Message-ID: <199512102214.RAA22512@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
Dan Bailey writes:
> No, but they're doing something that makes me very uncomfortable: As
> I read this, they're hashing the password and some other user
> information using MD4 then doing some proprietary permutations on
> that. Given their record with security, I'd rather they used straight
> MD4, rather than throwing in something that we can't analyze.
MD4 has been broken. I thought that was common knowledge. MD5 is still
safe, of course.
Perry
Thread
Return to December 1995
- Return to “Andy Brown <a.brown@nexor.co.uk>”
- Return to “dan@milliways.org (Dan Bailey)”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to ““Perry E. Metzger” <perry@piermont.com>”
- Return to “Rich Graves <llurch@networking.stanford.edu>”
Return to “SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>”
- 1995-12-09 (Fri, 8 Dec 95 21:46:21 PST) - Re: Windows .PWL cracker implemented as a Word Basic virus - dan@milliways.org (Dan Bailey)
- 1995-12-09 (Fri, 8 Dec 95 22:15:44 PST) - NT v. Win95 Passwords (was Re: Windows .PWL cracker implemented as a Word Basic virus) - Rich Graves <llurch@networking.stanford.edu>
- 1995-12-09 (Sat, 9 Dec 95 00:14:32 PST) - Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker implemented as a Word Basic virus) - futplex@pseudonym.com (Futplex)
- 1995-12-11 (Tue, 12 Dec 1995 05:54:54 +0800) - Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker…) - Andy Brown <a.brown@nexor.co.uk>
- 1995-12-10 (Sun, 10 Dec 95 14:14:35 PST) - Re: Windows .PWL cracker implemented as a Word Basic virus - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-10 (Sun, 10 Dec 95 14:53:45 PST) - Re: Windows .PWL cracker implemented as a Word Basic virus - SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
- 1995-12-10 (Sun, 10 Dec 95 14:56:29 PST) - Re: Windows .PWL cracker implemented as a Word Basic virus - “Perry E. Metzger” <perry@piermont.com>
- 1995-12-10 (Sun, 10 Dec 95 14:53:45 PST) - Re: Windows .PWL cracker implemented as a Word Basic virus - SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>