Password Crackers, one of the oldest commercial password recovery organisations in the world, says operating systems are becoming exponentially more complex and that attack surfaces are increasing.
Independent software hacker Benjamin Gatti says users are requiring fundamentally more risky (mobile) access on less secure platforms (cloud) and engaging in practices in terms of storing data that nobody would have accepted five years ago. "They have opted to relinquish privacy in an unprecedented way, and are coalescing around a small number of vendors for a broad range of critical services with no failover."
He says none of this bodes well for the future of security. "Unless people value security, and this motivates and incentivises them to make decisions to opt for secure systems and ways of doing business, this will not improve."
Password Crackers provides a service through the hacking of passwords, an act that has certain negative connotations. Robert Weiss, founder of Password Crackers, says it's all about semantics. "There are a number of definitions of hacking. A hacker can be 'a person who uses computers to gain unauthorised access to data' or 'a skilful computer programmer or user'."
The confusion, according to Weiss, comes in with the terms people use to describe hackers or hacking. "I have described Password Crackers as providing digital locksmith services. Locksmiths hack locks, but everyone understands the model of locking themselves out of something legitimate and requiring someone with specialised expertise to get back in."
Weiss says a number of different companies offer password cracking solutions; however, he reasoned that most clients did not want to purchase software, they would rather prefer to purchase a service that would do this work for them.
"Largely, this was an accurate intuition and the business thrived. While I am not responsible for password cracking as an industry, my minor claim is that I was the first to offer this as a service - a model that has been broadly copied by a variety of competitors since that time," says Weiss.
Gatti and Weiss will together host a presentation titled "Cryptanalysis of the Enigma", at ITWeb's Security Summit, to be held from 7 to 9 May.
"Our presentation will focus on the golden age of cryptography, when some of the world's finest minds were forged in the fires of war, each side unwittingly sharpening the other with incremental increases in complexity. There are lessons to be learned from the weaknesses of the enigma cipher, and how these weaknesses have been addressed in modern cryptosystems to protect data at rest and data in motion," says Gatti.
Share