You are either not logged in or not registered with our community. Click here to register.
 
December 09, 2016, 03:53:25 AM

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length

Click here if you are having problems.
Default Wide Screen Beige Lilac Rainbow Black & Blue October Send us your theme!

Hark!  The Herald!
Holiday Issue 2016

Wiki Blogs Dicebot

Author Topic: Elliquiy unsafe?  (Read 1490 times)

0 Members and 1 Guest are viewing this topic.

Offline Vekseid

Re: Elliquiy unsafe?
« Reply #25 on: April 16, 2014, 10:25:52 PM »
I do hope you're kidding, Kythia. That isn't how hackers and their tools operate, as I've seen them used against systems I have responsibility for, and have used them myself to ensure that they don't work against systems I work to defend. A password cracking tool basically has a dictionary of common passwords, and then it tries those first. There is no question of expectations: the tools they use are programmed to go after the low-hanging fruit first, which includes accounts with passwords like that. And they do this again and again for all the sites they target, and in the times they do get a password from a database, the first thing they'll do is try those same credentials on other sites.

Back in 1998 my go-to brute force tool checked for every two-word combination in a dictionary of 800,000 words plus up to two digits after the password, with variable capitalization.

These days, it's generally not possible to go without a password manager for passwords of any reasonable strength. Forum software security for passwords is only loosely based on how long and complex your password is - it's a sideshow compared to rate limiting.

Offline inghippo

Re: Elliquiy unsafe?
« Reply #26 on: April 17, 2014, 04:11:12 AM »
Vekseid, have you a dark past as hacker?  ;D

Offline Oreo

Re: Elliquiy unsafe?
« Reply #27 on: April 17, 2014, 04:16:22 AM »
^_^ This would surprise me greatly, as Veks is one of the most honorable and intelligent persons I have met on the net.

Offline inghippo

Re: Elliquiy unsafe?
« Reply #28 on: April 17, 2014, 04:18:02 AM »
I'm sure he was just testing, sometimes there's no other way to check security issues. :)

Offline Oniya

  • StoreHouse of Useless Trivia
  • Oracle
  • Carnite
  • *
  • Join Date: Sep 2008
  • Location: Just bouncing through. Hi! City of Roses, Pennsylvania
  • Gender: Female
  • One bad Motokifuka. Also cute and FLUFFY!
  • My Role Play Preferences
  • View My Rolls
  • Referrals: 3
Re: Elliquiy unsafe?
« Reply #29 on: April 17, 2014, 06:54:46 AM »
Back when I worked for one of the big name ISPs, the head of their security system was a guy who had managed to hack into the servers.  When he informed the ISP of what he'd done, they actually hired him.  (He'd come on board back in the late '80's, so there was also a sliiiiight cultural difference in effect.)  There is a subdivision among 'those who try to get onto servers through unapproved methods':  There are the people who are doing it to alert the admins to holes, and there are the people who are doing it to exploit said holes.  The 'white hats' tend to scornfully refer to the latter as 'crackers' (as in safe-cracker), although the 'black hats' seem to refer to both groups as 'hackers' without distinction.

Offline Alkrdaam

Re: Elliquiy unsafe?
« Reply #30 on: April 17, 2014, 08:04:29 AM »
Vekseid, have you a dark past as hacker?  ;D

I'm sure he was just testing, sometimes there's no other way to check security issues. :)

Ah, the white hat vs black hat conundrum. Computer hacking is almost always looked at as a bad thing, just like burglary is, but many places hire both just to have their flaws pointed out in advance. These hackers are normally called white hats, a trope referring to old Western movies and shows, such as the lone ranger. They technically possess skills that are clandestine or could be used for bad shit, but they do good stuff with said skills. Other hackers are either black hats or grey hats.

Black hats are your normal creators of malware/viruses with the ability to hack. Grey hats are the strange group, and there aren't really a whole lot of them. Really, they're the trope who hacks just for the fun/challenge of hacking... not because they actually want to steal stuff, though information seekers who steal military secrets to put them out on the net could sometimes be considered grey hats. Not to trudge up old stories or anything, but if the government is doing something illegal, and call someone a traitor for revealing secrets connecting them to it, it puts both sides in an odd situation.

Offline inghippo

Re: Elliquiy unsafe?
« Reply #31 on: April 17, 2014, 08:45:59 AM »
Yap, beyond semantics, It's always a matter of law and the law is applied to an event.
A single guy finding a vulnerability and reporting that can be accused for an unauthorized access to a system otherwise maybe he can get a job.
In my opinion doesn't matter what you do or how you do, if you make someone upset they will give you a lot of problems.
For the common user I think that the worst threat is not the single hacker/cracker/scammer ecc but the big companies and the way they use your data.



Offline jaybee55

Re: Elliquiy unsafe?
« Reply #32 on: April 17, 2014, 11:22:48 AM »
^_^ This would surprise me greatly, as Veks is one of the most honorable and intelligent persons I have met on the net.

That's my perception of Veks as well, though I only know him from posts on E...

But I would describe many of my hacker friends - including those who wear decidedly darker hats than the Lone Ranger - using precisely the same terms.  Some are idealistic to the core, using their "skills" only for what they perceive as worthy causes.  And I've always avoided those that are motivated by greed or hate or "glory".

Stereotypes are dangerous.

Offline inghippo

Re: Elliquiy unsafe?
« Reply #33 on: April 17, 2014, 12:00:04 PM »
That's true but think about a smaller context.
Maybe you're a developer or system admin or some kind of tech engineer, now how many times friends, parents,relatives and neighbors ask you to fix their computer?
Even that is a stereotype. For the world a person with a technical job must fix emails and install antivirus as hobby.

I think that most the people have no idea that being a developer it's different from being a systems engineer or it support.
For the same reason if they read on paper that a 18 yo guy is an evil bad hacker for the world he became an evil bad hacker.

It's the same with everything, it's just a matter of how we get informations and how much we accept those informations as true.


Offline Vekseid

Re: Elliquiy unsafe?
« Reply #34 on: April 17, 2014, 03:45:12 PM »
I'm sure he was just testing, sometimes there's no other way to check security issues. :)

More like, I get asked to do something, and sometimes we didn't have time for IT to get off their butt and make us able to do it. This was not an uncommon problem, and ended up in a bit of a turf war between IT and Software Engineering.

IT lost.

Offline Oniya

  • StoreHouse of Useless Trivia
  • Oracle
  • Carnite
  • *
  • Join Date: Sep 2008
  • Location: Just bouncing through. Hi! City of Roses, Pennsylvania
  • Gender: Female
  • One bad Motokifuka. Also cute and FLUFFY!
  • My Role Play Preferences
  • View My Rolls
  • Referrals: 3
Re: Elliquiy unsafe?
« Reply #35 on: April 17, 2014, 03:46:51 PM »
*snickerfits*

Offline inghippo

Re: Elliquiy unsafe?
« Reply #36 on: April 17, 2014, 03:47:53 PM »
Quote
IT lost.

epic xD

Offline jaybee55

Re: Elliquiy unsafe?
« Reply #37 on: April 17, 2014, 09:02:28 PM »
That's true but think about a smaller context.
Maybe you're a developer or system admin or some kind of tech engineer, now how many times friends, parents,relatives and neighbors ask you to fix their computer?
Even that is a stereotype. For the world a person with a technical job must fix emails and install antivirus as hobby.

I get that all the time.  My preferred response:
What?  You want me to use my awesome predictive modeling and software engineering skills to fix your email or remove that horrible infection that you picked up while browsing too many porn sites or try to salvage the photos of your collection of Beanie Babies from the external hard disk that you dropped... Muahahahahaha... *rubs hands together with glee and pulls out a crescent wrench and a 16oz claw hammer*  Sure!  Happy to!  I don't know much about Windoze, but I love to experiment!


Like I said, stereotypes are dangerous.
« Last Edit: April 18, 2014, 11:39:18 AM by jaybee55 »

Offline alextaylor

Re: Elliquiy unsafe?
« Reply #38 on: April 18, 2014, 07:24:49 AM »
If anyone needs advice on choosing new passwords, I think this is the best advice out there: http://xkcd.com/936/

Some more advice that confirms this and goes into detail: http://security.stackexchange.com/a/6103

But cracking tools have kinda adapted to the 4 dictionary word password because of xkcd. I add a smiley face to my passwords for added security :)