Viewing entries tagged
hacking

Rainbow Tables: The Password Conundrum Part 4

Comment

Rainbow Tables: The Password Conundrum Part 4

In the forth and final post in this series on passwords, I’ll talk to you about rainbow tables. I think the best way to get people to create and use good passwords is to teach them how passwords are cracked.

Long ago, when UNIX-like systems were used as shared servers and most people logged into them with “dumb terminals”, users could see who else had accounts on the system. This was convenient, especially in work or academic environments and acted as a directory of sorts. So if Alice wanted to send an email message to Bob, she would just log on to the system and look at a file called /etc/passwd. This file showed each person’s username, name, and other information. This file also contained each users password in the form of something called a hash. Trend Micro explains that, “Hash values can be thought of as fingerprints for files”. The hash is a mathematical representation of the password that cannot be reversed or

Comment

Sextortion Revisited

Comment

Sextortion Revisited

Lately, a handful of friends and colleagues told me they received an email that claiming that a malicious hacker had installed malware on their computer through a porn site. The email showed one of the recipient’s passwords and explained that the hacker has access to the recipient’s webcam and has a log of all of their keystrokes. Then the hacker gives the recipient two choices: 

  1. Ignore the email and a video of the recipient, visiting the porn site will be sent to all of the recipient’s contacts.

  2. Or, pay a ransom in bitcoin, and the hacker will delete the video.

This email scam that has been a popular phishing attack in 2018. As cybersecurity reporter, Brian Krebs, blogged about back in July, “Here’s a clever new twist on an old email scam that could serve to make the con far more believable.” 

If you happen to receive one of these emails…

Comment