Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: How the password could be recover using FTP Explorer'sregistry!

Re: How the password could be recover using FTP Explorer'sregistry!

From: Mikael Olsson <mikael.olsson_at_ENTERNET.SE>
Date: Wed, 1 Mar 2000 09:30:13 +0100

"Mark D. Miller" wrote:
>
> Actually, this is not an example of insecurity on a user friendly platform.

I beg to differ.

> The Voice Print Password is an alternate password method. The primary is
> the password you type in. When the voice print password is used, it uses
> the typed password to decrypt the keychain.

... and where does the typed password get stored, may I ask? Is it encrypted
somehow? In that case, how? Because the voice print certainly cannot be used
to decrypt it, as it varies too much every time you pronounce it. Encryption
is kind of funny that way, even if just one single bit is wrong, you won't be
able to decode the secret :-P

> Since everyone's voice is unique, there shouldn't be any worry as to security.

Ehm. Right. 

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson@enternet.se
Received on Mar 01 2000
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos