Monday, January 15, 2007

How to crack a system

Cryptonomicon, a reasonably popular science fiction book, includes an excellent introduction to cryptography. So I actually knew most of what Schneier tells us about how passwords are cracked...
Schneier on Security: Choosing Secure Passwords

... AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive ... everywhere. And it creates a dictionary from that, and feeds it into PRTK.

And PRTK breaks more than 50 percent of passwords from this dictionary alone.

What's happening is that the Windows operating system's memory management leaves data all over the place in the normal course of operations. You'll type your password into a program, and it gets stored in memory somewhere. Windows swaps the page out to disk, and it becomes the tail end of some file. It gets moved to some far out portion of your hard drive, and there it'll sit forever. Linux and Mac OS aren't any better in this regard...
It's somewhat reassuring to know Schneier isn't perfect. As others note in the comments (I looked) he's wrong about OS X -- both the user directory and the swap file can be optionally encrypted with modest performance impacts.

Personally, I store my passwords in an encrypted database and I generate the important ones from GRC's password generator. My answers to the "personal question" are long strings of angrily typed characters ...

XP, however, is kind of hopeless. Maybe Vista is different.

No comments: