I think the point is microsoft is storing passwords rather than salted, iterated hashes of passwords, storing EFS symmetric keys in clear text or lightly obfuscated in LSA keys which is not encrypted, just protected by policy tied to the windows login, and all these insecure things vs say linux loopback encryption and encrypted swap, and unix password mechanism, where your only way in is to guess salted passwords via brute force.
With windows its just a question of booting or running tools that by pass these "policy enforcement" windows components. Sure most people in the security industry know windows security is not good, microsoft's coffee tools is just another reminder and shows that even microsoft knows it, and can package bundles of software making that "point and click", the same as the hacking toolkit authors. Adam On Fri, May 2, 2008 at 12:32 PM, Dave Korn <[EMAIL PROTECTED]> wrote: > Arshad Noor wrote on 30 April 2008 20:36: > > > > It can be "ordered to decrypt system passwords"??? So, I wonder > > what attackers can do with this... > > They can run pwdump, lsadump, samdump, dump the pstore, snarf the SAM, all > that kind of stuff that is completely routine and everyday. > > See here for a very similar device that's a couple of years old: > http://wiki.hak5.org/wiki/USB_Switchblade > > Honestly, this is nothing extraordinary or even new. > > cheers, > DaveK _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
