background preloader

Your Clever Password Tricks Aren't Protecting You from Today's Hackers

Your Clever Password Tricks Aren't Protecting You from Today's Hackers

Décoder les indices pour retrouver un mot de passe Windows ? La belle affaire… Dans un article publié sur son blog mercredi, la société TrustWave SpiderLabs explique comment elle a réussi à décoder les indices pour le mot de passe de Windows 7 et 8. Pour rappel, ces indices censés être secrets doivent permettre à un utilisateur de se souvenir de son mot de passe. Évidemment, maintenant ce script pour décoder ces indices a été intégré à Metasploit et peut être utilisé par tous... Maintenant revenons sur terre... ça ne me choque pas que ces indices soient peu, voire pas protégés. C'est pareil sur les téléphones ou les autres OS d'ailleurs. C'est fait pour, puisque, eh bien oui, vous avez oublié votre mot de passe. Écrivez plutôt un truc qui soit perso, auquel vous seul pourra répondre.. "Comme d'hab""azertyuiop^$ blabla 123" Bref, des conneries puisque je n'ai pas besoin d'indice pour retrouver un mot de passe qui de toute façon n'a aucune signification particulière. Bref, ne soyons pas cons (enfin, pas trop ^^) Photo Vous avez aimé cet article ?

mashable An encryption flaw called the Heartbleed bug is already being dubbed one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years. But it hasn't always been clear which sites have been affected. Mashable reached out to some of the most popular social, email, banking and commerce sites on the web. We've rounded up their responses below. Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. Although changing your password regularly is always good practice, if a site or service hasn't yet patched the problem, your information will still be vulnerable. We'll keep updating the list as new information comes in. Social Networks Other Companies Email Stores and Commerce Other

Le mot de passe de la Banque de France ? 1 2 3 4 5 6 La Banque de France devrait sans doute faire appel à de nouveaux experts en sécurité : son code d'accès ayant été percé par un internaute à l'insu de son plein gré. Ce code était 1 2 3 4 5 6. On aurait presque du mal à le croire, mais le code d’accès de la prestigieuse Banque de France était bête à en pleurer : il se résumait à 6 chiffres, et pas n’importes lesquels : 1 2 3 4 5 6, à la suite. Difficile d’imaginer qu’un quelconque expert ait conseillé de fixer un tel code de sécurité ! Ce même code de sécurité a donc été percé, en 2008, par inadvertance (enfin presque !) par un internaute qui voulait avant tout user de « numéros passerelles » permettant d’outrepasser les numéros surtaxés. Envoyé devant le tribunal de Rennes ce mardi suite à ce méfait, l’homme, allocataire du RSA, a été relaxé, du fait qu’il ait « agi en toute bonne foi ».

How to Get One – Google Glass Close Google Glass Thanks for your interest. Keep an eye out for an email from glass-support@google.com. Join the conversation: Join the Glass Explorer Program Want to help shape the future of Glass? Become an Explorer Not ready to become an Explorer? * = Required field. If you are US based, visit us for a demo at one of our Basecamps in San Francisco, Los Angeles or New York. Click "Sign me up" to hear about the latest news and help shape the future of Glass. Privacy & Terms

Rainbow Hash Cracking The multi-platform password cracker Ophcrack is incredibly fast. How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure. The Microsoft password strength checker rates it "strong". Why is Ophcrack so fast? Although those are beautiful, too. To understand how rainbow tables work, you first have to understand how passwords are stored on computers, whether on your own desktop, or on a remote web server somewhere. Passwords are never stored in plaintext. But it is possible to attack the hashed value of your password using rainbow tables: enormous, pre-computed hash values for every possible combination of characters. How enormous are rainbow tables? It takes a long time to generate these massive rainbow tables, but once they're out there, every attacking computer can leverage those tables to make their attacks on hashed passwords that much more potent. All LM hashes are empty. The Ophcrack tool isn't very flexible.

Test your server for Heartbleed (CVE-2014-0160) If there are problems, head to the FAQ Results are now cached globally for up to 6 hours. Enter a URL or a hostname to test the server for CVE-2014-0160. All good, seems fixed or unaffected! Uh-oh, something went wrong: Check what it means at the FAQ. It might mean that the server is safe, we just can't be 100% sure! Here is some data we pulled from the server memory: (we put YELLOW SUBMARINE there, and it should not have come back) Please take immediate action! You can specify a port like this example.com:4433. 443 by default. Go here for all your Heartbleed information needs. If you want to donate something, I've put a couple of buttons here.

Faire apparaitre un mot de passe en clair dans votre navigateur Faire apparaitre un mot de passe en clair dans votre navigateur Si vous utilisez la fonction de mémorisation des mots de passe de votre navigateur, vous savez surement que vous pouvez consulter cette liste (en clair) via les Préférences de votre navigateur. Mais il existe une autre méthode tout aussi efficace. Il suffit de vous rendre sur le site pour lequel vous voulez récupérer votre mot de passe... Là, vous voyez les petits ronds noirs qui indiquent qu'il y a un mot de passe. Ensuite, lancez Firebug ou l'inspecteur natif de Firefox, et placez-vous sur le champ password. Remplacez alors la valeur de l'attribut "Type" du champs par "text" Et voilà... Source Vous avez aimé cet article ?

Microsoft is bringing the Start Menu back Millions asked for it, and Microsoft is providing it: the old Start Menu is coming back. Kind of. At its Build conference today, Microsoft announced a new Start Menu that looks like a hybrid of the best of Windows 7 and Windows 8. It's around the same size as the Windows 7 menu, but also features miniature Live Tiles along one side. In the same demonstration, Microsoft also showed a new mode that allows modern Windows 8 apps to run in the desktop environment inside their own windows. A major Windows 8.1 update is coming later this month, but neither of the new features will make it into that refresh. 90 Seconds of The Verge: Microsoft Build 2014 Source The Verge Live Blog

Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331” In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do. Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail Iron Chef style. The results, to say the least, were eye opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered. The list contained 16,449 passwords converted into hashes using the MD5 cryptographic hash function. While Anderson's 47-percent success rate is impressive, it's miniscule when compared to what real crackers can do, as Anderson himself made clear.

News Headlines US News Page 1 of 2 | Next PageShow Entire Article The best problem-solvers in the world are… CNBC.com | April 01, 2014 | 07:15 AM EDT Students from Singapore and Korea are the best in the world at problem solving, according to new research published by the OECD. "Students in these countries are quick learners, highly inquisitive and able to solve unstructured problems in unfamiliar contexts," the OECD said in a press release. The conclusion is the result of the organization's problem-solving test called PISA, in which 85,000 students from 44 countries took a computerized assessment, asking them to solve a real-life scenario including setting a thermostat and finding the quickest route to a destination. Japan, Macao-China and Hong Kong-China were among the top performers, while countries including the U.K., Canada and Australia outperformed the OECD average. Read More China's education plan ... from Finland's playbook

Why passwords have never been weaker—and crackers have never been stronger In late 2010, Sean Brooks received three e-mails over a span of 30 hours warning that his accounts on LinkedIn, Battle.net, and other popular websites were at risk. He was tempted to dismiss them as hoaxes—until he noticed they included specifics that weren't typical of mass-produced phishing scams. The e-mails said that his login credentials for various Gawker websites had been exposed by hackers who rooted the sites' servers, then bragged about it online; if Brooks used the same e-mail and password for other accounts, they would be compromised too. The warnings Brooks and millions of other people received that December weren't fabrications. "The danger of weak password habits is becoming increasingly well-recognized," said Brooks, who at the time blogged about the warnings as the Program Associate for the Center for Democracy and Technology. The ancient art of password cracking has advanced further in the past five years than it did in the previous several decades combined.

Macaw | The code-savvy web design tool.

Related: