Decoding hints to recover a Windows password? Big deal… In an article published on its blog on Wednesday, TrustWave SpiderLabs explains how it managed to decode the password hints for Windows 7 and 8. As a reminder, these supposedly secret hints are meant to help a user remember their password. Of course, the script for decoding these hints has now been integrated into Metasploit and can be used by anyone... Now let's come back down to earth... it doesn't shock me that these hints are poorly protected, or not protected at all. It's the same on phones and other OSes, for that matter. That's what they're for, since, well yes, you have forgotten your password. Instead, write something personal that only you can answer.. "Same as usual" "azertyuiop^$ blabla 123" In short, nonsense, since I don't need a hint to recover a password that has no particular meaning anyway. In short, let's not be stupid (well, not too stupid ^^)
Which VPN Providers Really Take Anonymity Seriously? As detailed in yesterday’s article, if a VPN provider carries logs of their users’ activities the chances of them being able to live up to their claim of offering an anonymous service begin to decrease rapidly. There are dozens of VPN providers, many of which carry marketing on their web pages which suggests that the anonymity of their subscribers is a top priority. But is it really? Do their privacy policies stand up to scrutiny? Over the past two weeks TorrentFreak contacted some of the leading, most-advertised, and most talked about VPN providers in the file-sharing and anonymity space. 1. 2. This article does not attempt to consider the actual quality of service offered by any listed provider, nor does it consider whether any service is good value for money. P2P Supporting VPN providers BTguard Response to Q1: “It’s technically unfeasible for us to maintain log files with the amount of connections we route,” BTguard explain. Response to Q2: “The jurisdiction is Canada. TorGuard 1. 2.
An encryption flaw called the Heartbleed bug is already being dubbed one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years. But it hasn't always been clear which sites have been affected. Mashable reached out to some of the most popular social, email, banking and commerce sites on the web. We've rounded up their responses below. Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. Although changing your password regularly is always good practice, if a site or service hasn't yet patched the problem, your information will still be vulnerable. We'll keep updating the list as new information comes in.
The Banque de France's password? 1 2 3 4 5 6 The Banque de France should probably call in some new security experts: its access code was cracked by an internet user who did so unwittingly. That code was 1 2 3 4 5 6. It is almost hard to believe, but the access code of the prestigious Banque de France was dumb enough to make you weep: it came down to 6 digits, and not just any digits: 1 2 3 4 5 6, in sequence. It is hard to imagine that any expert would have advised setting such a security code! This same security code was therefore cracked, in 2008, inadvertently (well, almost!) by an internet user whose main aim was to use "gateway numbers" that make it possible to bypass premium-rate numbers. Brought before the Rennes court this Tuesday over this offence, the man, a recipient of RSA benefits, was acquitted on the grounds that he had "acted in complete good faith".
Is Usenet Safer than BitTorrent? Shhh... Stick to bittorrent kid. Usenet's the devil and I highly recommend against it. Geez. Thanks for the unneeded publicity. Flagged seriously? Good lord thank you for saying this. All this "the first rule of Usenet" BS has gone on for decades - give it up people, EVERYONE ALREADY KNOWS ABOUT USENET. Sorry "everyone" doesn't know about USENET. Like I mentioned to someone else in the same thread - the only barriers to everyone using usenet the same way everyone uses Bittorrent are inconvenience and cost - the fact that it's not easy, and most ISPs don't support binary newsgroups anymore. Sourceless numbers about p2p file sharing (numbers that clearly don't include BitTorrent) are beside the point, and make the assumption that the only use for Usenet is piracy, which I think is an argument you're not trying to make, are you? The percentage of the U.S. The number supplied pertains to sharing music, but one can safely assume the numbers hold for other types of file sharing.
Free Emergency Kit: Portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans Will it run on my PC? Unless you have a rather outdated PC from the late 90s, the answer is most likely yes, assuming that you’re using Windows XP, Vista, 7 or 8 - with the latest service pack installed. From Vista onwards all features are fully functional on x64 systems too. While running, Emsisoft Emergency Kit uses about 200 MB of your RAM which is quite low considering the 10 million signatures that it must load. We're proud of these test results! CNET reviewer awards 5 out of 5 stars: In the right hands, Emsisoft Free Emergency Kit can bring powerful tools to bear on a wide range of PC troubles. PC Mag recommends: If you're the security go-to guy (or gal) in your family, workplace, or neighborhood, stick a copy of Emsisoft Emergency Kit on a USB drive and keep it with you. Editor's Choice It's a very useful and easy to use program!
How to Get One – Google Glass Join the Glass Explorer Program Want to help shape the future of Glass? Become an Explorer Not ready to become an Explorer? If you are US based, visit us for a demo at one of our Basecamps in San Francisco, Los Angeles or New York.
Rainbow Hash Cracking The multi-platform password cracker Ophcrack is incredibly fast. How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure. The Microsoft password strength checker rates it "strong". Why is Ophcrack so fast? Although those are beautiful, too. To understand how rainbow tables work, you first have to understand how passwords are stored on computers, whether on your own desktop, or on a remote web server somewhere. Passwords are never stored in plaintext. But it is possible to attack the hashed value of your password using rainbow tables: enormous, pre-computed hash values for every possible combination of characters. How enormous are rainbow tables? It takes a long time to generate these massive rainbow tables, but once they're out there, every attacking computer can leverage those tables to make their attacks on hashed passwords that much more potent. All LM hashes are empty. The Ophcrack tool isn't very flexible.
How to Completely Anonymize Your BitTorrent Traffic with BTGuard
U.S. Coding Website GitHub Hit With Cyberattack BEIJING—A popular U.S. coding website is enduring an onslaught of Internet traffic meant for China’s most popular search engine, and security experts say the episode likely represents an attempt by China to shut down anticensorship tools. The attack on San Francisco-based GitHub Inc., a service used by programmers and major tech firms world-wide to develop software, appears to underscore how China’s Internet censors increasingly reach outside the country to clamp down on content they find objectionable. The Cyberspace Administration of China didn’t respond to a request for comment Sunday. Security experts said the traffic onslaught—called a distributed denial-of-service attack in Internet circles—directed huge amounts of traffic from overseas users of Chinese search giant Baidu Inc. to GitHub, paralyzing GitHub’s website at times. Specifically, the traffic was directed to two GitHub pages that linked to copies of websites banned in China, the experts said.
Test your server for Heartbleed (CVE-2014-0160) If there are problems, head to the FAQ Results are now cached globally for up to 6 hours. Enter a URL or a hostname to test the server for CVE-2014-0160. All good, seems fixed or unaffected! Uh-oh, something went wrong: Check what it means at the FAQ. It might mean that the server is safe, we just can't be 100% sure! Here is some data we pulled from the server memory: (we put YELLOW SUBMARINE there, and it should not have come back) Please take immediate action! You can specify a port like this example.com:4433. 443 by default.