Domain: lostpassword.com
Stories and comments across the archive that link to lostpassword.com.
Comments · 12
-
Re:Whole disk encryption and laptops
It won't be long before we see another court case concerning a defendant's right not to disclose his whole disk encryption passphrase.
This may appear in the future. However, it will be unnecessary as digital examiners already have the ability to get past this with as little as a warrant and some simple tools. F-Response and Passware Kit ought to do it.
-
Re:Not sure how "secure" this scheme is...
And use a tool like Password Asterisk Viewer (free from http://www.lostpassword.com/ to extract those asterisks... if a simple tool like this can do it, surely a sophisticated keylogger can have the same capability built in.
-
Be very careful!
Be very careful about the software linked here which claims to be able to retrieve your EFS keys! It may not work if you move to a new computer because your old computer failed.
EFS Key says, Encryption password must be known or SAM database must be present (Windows 2000).
Elcomsoft claims: "Finally, AEFSDR is also a state-of-the-art computer forensics tool that could be used by law enforcement, military and intelligence agencies to open secured files."
According to them, EFS provides no protection at all, since anyone can buy the software. But they don't provide information about when their software won't work, such as if you have moved a hard drive to a new computer.
-
Bush lied. Thousands died. Impeach. Imprison. -
Re:Because it's a pain on Linux
Unfortunately, MS encrypted folders use a key that is uniquely generated for your account, and once you lose the account (on the dead computer) you can't decrypt anything. There are ways to add corporate keys to the system, so that in a company setting it's possible to recover the data; however this is
/way/ beyond abilities of a typical user.
If you have an encrypted file from a Windows XP computer, as long as you know the logon password for the account that encrypted the file, you can decrypt the file. Check out EFS Key. -
Re:Quick list
I couldn't find active links for one or two of them myself, but here's an updated list -- in some cases these aren't the original sites, which have disappeared, so obviously it's worth being extra careful with antivirus software... apologies for the mess of links; the filter doesn't like short lines...
1by1 (play MP3s), AriskKey (recover passwords), AutoRuns (enumerate startup tasks), BurnCDCC (burn ISO images), CD (basic CD player), CDex (rip CDs + convert MP3/WAV), Copier [0X Copy Machine] (scan + print), CWShredder (clean spyware), DComBob (tame DCOM), DirLister (make quick file lists), Discover (force windows onscreen), DupeLocater (find and clean), FileRecovery [PC Inspector] (undelete), Folder2ISO (use with BurnCDCC), FoxitReader (read PDFs), GUIPDFTK (split/join PDFs), HijackThis (find spyware), HJSplit (split/join files), Identify_Boards (identify hardware), KatMouse installer (due to MS drivers), LCISOCreator (make ISO image from CD), Leaktest (test firewall), Microsoft keygen (people lose things), MultiRes (change res + force refresh), Multi Timer (stopwatch), NoteTab Light (text editor), NTest (test monitor setup), OnTop (pin windows to foreground), Process Explorer (task manager), ProduKey (recover passwords), Registry Commander (virus cleanup), ResHacker (examine executables), Rootkit Revealer (just in case) ShootTheMessenger (turn service off), Shred by AnalogX (simple filer shredder), TedNPad (unicode text editor), TFT (dead pixel locator), UNPnP (tame SSDP), UPX (compress executables), UnitConverter (what it says), utorrent (basic torrent app), VCdControlTool (mount ISO images), -
Re:Where's the legal crack when you want one
-
Re:My experience with Firefox> I have a lot of passwords and don't know them all;
What you're saying is that you're screwed if the system dies or even if someone clears your stored data.
Invest a little time with software which can reveal passwords, write everything down and seal that information away in a physically secure location.
Alternately, consider creating passwords according to a formula.
-
Re:Diebold's CEO is a big Republican Donor
...steadily resisting the idea of even password protecting the .mdb file...I don't have a big problem with this part of it. He resisted the idea of password-protecting the
.mdb file because it wouldn't do any good. His explicit argument was that you'd still have to give the password to the election officers and the results would be just as insecure as before. What he didn't mention was also that it doesn't take much to reverse-engineer the password out of an .mdb file anyway.I'd be more concerned if they were talking about password-protecting the
.mdb files as if it were a good thing. -
If they have physical access you're screwed anyway
remebers reading about some ancient l33wt hacker tricks. His hacker buddies stand back in awe as he... Changes the password without typing anything 20 times.
Yeah, I remember that trick. It's called a boot disk.
I'm not sure if boot disks are "l33wt", but I know that if anyone has physical access to your machine, they can access your machine. This keystroke monitoring program is silly. -
Solution to database problem - credit card req.
I'm almost certain that the following software will get the password they're looking for:
http://www.lostpassword.com/backup.htm
Trouble is, I don't have a credit card handy, so I can't buy it. Can someone buy it and find out the password? Mail it to me, after you've mailed it to them if you like. -
Norwegian password: Norton
Looks like the three files for the database were created by Norton
... backup? I just downloaded the freeware version of Backup Key key recovery program which claims to have found a Norton backup password in the file. Of course it won't tell you what the password actually is unless you pay for the program. -
Re:Oooh...Better equipped? Cracking PWs in any MS product (Windows PWLs, All Office programs, screen saver PW) is trivial. There's about a dozen programs out there that can do it toot-sweet, for free or for charge.
And those are just from one quick google search. Sounds like that PD needs to get an AOL account and a clue. I'm also sure the services provided by "someone better equipped" were rather overpriced. I do however agree with your point that law enforcement doesn't have much chance. As has been usual throughout history, they will catch the dumbshit crooks who use insecure MS passwords or 128-bit keys, and the smart ones will continually get away, MOTHER FUCKER