Skip to main content

View Diary: There's Good News and Bad News about the NSA and your Personal Passwords (189 comments)

Comment Preferences

  •  most successful password hacking (12+ / 0-)

    is simpler than code breaking.  It usually involves either simple human to human communication, or just some kind of false flag operation.

    An oldie but goodie was this: Set up something that looks just like a Yahoo Mail login page, but instead of sending you to your Yahoo mail, it just records your password attempts and sends them to somebody who wants yahoo passwords.  There are a MILLION variations on this idea.

    Another idea is this: Just set up your own password-secured site, for whatever reason: free porn, free games, celebrity news, a pro-Obama blog, whatever.  Let people make up their own names and passwords.  Odds are VERY, VERY high that they will use the same password on your site that they use on most of their others.  Tada.

    •  Social engineering works. (1+ / 0-)
      Recommended by:

      Just ask HBGary.

      Dumbo, what are your thoughts on I2P ?

      Q: “Quis custodiet ipsos custodes?” A: “Anonymous”

      by Lisa Lockwood on Sun Jul 28, 2013 at 05:20:09 AM PDT

      [ Parent ]

      •  I've read that before... (0+ / 0-)

        I don't know how it works, so I'm not sure.  I noticed that the faq pages haven't been updated very regularly, so I suspect it's an orphaned project.

        Tor sounds much more interesting.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site