UnThreaded | Threaded | Whole Thread (1) | Ignore Thread Prev | Next
Author: ChicagoNative One star, 50 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: of 215  
Subject: Password Safe Vulnerability Date: 3/23/2006 4:58 PM
Post New | Post Reply | Reply Later | Create Poll Report this Post | Recommend it!
Recommendations: 2
If anyone reading this board uses Password Safe 3.0 (freely available from http://passwordsafe.sourceforge.net/) on any Windows operating system older than XP, then pay a bit of attention.

See: http://www.securityfocus.com/bid/17200/info

PasswordSafe 3.0 on older Windows platforms will use non-cryptographically secure random number generation. Without getting into technical details, this means that an attacker can break into the Password Safe file much quicker than they should be able to. According to Elcomsoft (who discovered the vulnerability), it would take no more than 6 hours.

The total number of all possible seed values is limited by 2^32, so
it is quite feasible. Our experiments show that the key can be
recovered in less than 6 hours on the single PC (Pentium 4).


Post New | Post Reply | Reply Later | Create Poll Report this Post | Recommend it!
Print the post  
UnThreaded | Threaded | Whole Thread (1) | Ignore Thread Prev | Next


Foolanthropy 2014!
By working with young, first-time moms, Nurse-Family Partnership is able to truly change lives – for generations to come.
When Life Gives You Lemons
We all have had hardships and made poor decisions. The important thing is how we respond and grow. Read the story of a Fool who started from nothing, and looks to gain everything.
Post of the Day:
Macro Economics

Looking at Currency Ratios
What was Your Dumbest Investment?
Share it with us -- and learn from others' stories of flubs.
Community Home
Speak Your Mind, Start Your Blog, Rate Your Stocks

Community Team Fools - who are those TMF's?
Contact Us
Contact Customer Service and other Fool departments here.
Work for Fools?
Winner of the Washingtonian great places to work, and "#1 Media Company to Work For" (BusinessInsider 2011)! Have access to all of TMF's online and email products for FREE, and be paid for your contributions to TMF! Click the link and start your Fool career.