Not enough salt in Microsoft's dogfood

In late 1994 I wrote the MD5 based password scrambler for FreeBSD.

This has subsequently been adopted by Cisco, NetBSD, OpenBSD and GNU/libc (and thereby Linux).

Back in 1994 it was generally acknowledged that 12 bits of salt was not enough any more, and therefore the MD5 based method I wrote uses 64 bits of "salt" to make any table driven approach totally unfeasible, in addition the password can be arbitrarily long.

The fact that Microsoft still uses no salt is just beyond amazing.

Only slightly less amazing is the fact that mainstream "enterprise" UNIX operating systems like Solaris, HP-UX and AIX still use the 12 bit salted DES based password scrambler which is restricted to 8 characters long passwords.

"The future will arrive unassisted, progress not so."

Poul-Henning

FreeBSD developer

"But the boffin may have attracted the ire of Microsoft because he didn't bother to alert the firm to his research before releasing the paper, news.com claims."

News.com is full of it. The NTHash deficiency (lack of random seed) has been known and complained about for years. Luca Wullschleger and Claude Hochreutiner quite rightly point this out.

A more rational company would have not waited for a proof of concept exploit before fixing this.

Microsot - "We will fix no problem before it's (hic) time." "Good enough (for gubbimint work)"

Guy Cadeux

Your headline is, as has often been the case recently, way overboard.

The passwords being cracked are LAN Manager format. This is well known to be weak in the security community. The advice has, for a long time, been to configure stronger passwords.

Windows (NT 4.0 SP4, 2000, XP and Server 2003) starts off by trying to send the password in NTLMv2 format, which is the most secure. If this fails it will degrade to the older NTLM and finally LAN Manager password formats, in order to be able to communicate with older operating systems including Windows 9x.

Servers can be configured to only accept NTLMv2 or NTLM passwords. Clients can be configured to only send NTLMv2 passwords.

See here for information on how to set this up.

This can also be configured in Group Policy on a domain.

You can also prevent an LM logon from succeeding by disabling the LM hash of the password. See here for more details.

In a Windows 2000 Native Mode domain, the Kerberos protocol is used for all connection requests to servers in the domain. This is generally considered to be a lot stronger than NTLMv2.

Mike Dimmick

CD-RW reads, someone writes

I sympathise with Mr Levicki, as I have had a similar problem with my Yamaha CRW2200E drive, only writing to CDR instead of CDRW. The drive is rated at 20x and yet inserting a brand new 40x-rated blank results in a 12x write speed. I also tried a different brand of CDR, this time rated at 24x. But once again only a 12x burn.

The solution in my case was to disable the 'Optimum Write Speed Control' in Nero. If you go to the 'Recorder' menu, then 'Choose recorder' you can select your CD writer and then click the 'Options' button. Uncheck the 'Optimum Write Speed Control' box and Nero should now burn at the speed you tell it to. It may be worth manually selecting a speed from the drop-down box before you begin the burn process, rather than choosing 'max'.

As for the INQ, keep up the excellent journalism.

Your anti-Micro$oft articles make my day :-D

Please do not post my name or email address on your website.

[Don't worry Steve Ballmer, we won't. Ed.]

More on RFID and ubiquitous identifiers

Mike,

Try the physics for a 1mm x 1mm RFID tag. I did, and published an article (link at bottom).

The "underpants" type tag has no battery and has to get its power from radio waves. at 1mm x 1mm, you've got nanowatts to play with. Now, go through the door of Sainsbury's carrying a bag full of stuff you bought at Tescos and try reading it - you get noise. The tags meant for individual items are strictly designed to be read sequentially - and while marketeers might drool at the idea of identifying Mike Magee's shopping habits from 100 feet away, I'm damn sure the physics will stop that from happening.

You can't get more power into the passive tag's transmitter than it gets from the air.

Active tags (ie, a battery, read-write, attached to your credit card and readable at 20 feet) are a "real and present" danger. Passive tags are trivial - and I suspect the reason Wal-Mart backed off was probably that it found the passive tags didn't live up to the marketing claims...See here

Silly Season at the INQUIRER is 24 by 7, 365/366 days a year
Shares slump as humankind threatened by carbon extinction

"During this period of the year, when many people are on holiday, newspapers find their columns increasingly difficult to fill and run wacky stories that would never get a look in otherwise."

Of course, The Inq never suffers from this phenomenon. It just runs wacky stories all year.

Paul S