http://www.betanews.com/article/After-years-in-eclipse-L0phtCrack-6-rereleased/1237313931 By Angela Gunn Betanews March 17, 2009 A Windows password-auditing tool acquired by Symantec only to be shelved when the lawyers got a look at the thing has been re-acquired by its original authors, who have released a long-awaited Version 6 to the public. L0phtCrack languished for years after the company decided that the tool, popular with hackers, could raise liability issues. Once upon a time, Mudge, Dildog, and Weld Pond released L0phtCrack, which can be used as a password-auditing tool or, if you're playing offense, a tool for cracking passwords on systems not belonging to you. In 2000, the Boston-based L0pht Heavy Industries hacker collective (est. 1992, and famous for telling Congress they could take the Internet down in 30 minutes) morphed into @stake, becoming a marginally more mainstream security consultancy. In 2004, Symantec acquired @stake. To the dismay of the research staff, the far more buttoned-down (and lawyered-up) Symantec took one look at L0phtCrack and declared that selling it would run afoul of US cryptographic export regulations. A fifth version was released as LC5, but since 2006 Symantec has neither sold nor supported the product. Rights to the software recently reverted to the original L0pht crew, and here we are today. Sure, it's a hacker tool, but so's a keyboard. L0phtCrack tests passwords with multiple techniques -- hybrid attacks, dictionary attacks, rainbow tables, and the ever-popular brute-force approach. That flexibility has obvious uses for the bad guys, but white hats can also effectively deploy the software to check password strength, retrieve lost admin passwords, smooth migrations, and so forth. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Wed Mar 18 2009 - 00:27:39 PDT
This archive was generated by hypermail 2.2.0 : Wed Mar 18 2009 - 00:33:07 PDT