Date: Sat, 14 Dec 1996 18:24:38 +1100 (EST) From: Julian Assange <proff@iq.org> To: ache@nagual.ru (=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7=2C_Andrey_Chernov?=) Cc: security@freebsd.org, hackers@freebsd.org Subject: Re: vulnerability in new pw suite Message-ID: <199612140724.SAA05070@profane.iq.org> In-Reply-To: <Pine.BSF.3.95.961214164310.396C-100000@nagual.ru> from "[______ ______, Andrey Chernov]" at "Dec 14, 96 04:51:08 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Sat, 14 Dec 1996, Julian Assange wrote: > > > The FreeBSD account administration pw suite is able to produce > > "random" passwords for new accounts. Due to the simplicity of the > > password generation algorithm involved, the passwords are easily > > predictable amid a particular range of possibilities. This range > > may be very narrow, depending on what sort of information is > > available to the attacker. > > I agree on this subj. but I wonder about method you use, it > is unnecessary complex, reading /dev/urandom will be enough > without MD5 hashing. /dev/urandom not optional device, so > if it isn't exists or not give enough bytes it must be > detected as program failure and not covered by MD5 workaround. > -- > Andrey A. Chernov I thought it was optional, a check of this shows you are right. Still, it is possible that David is using pw(8) on more platforms than FreeBSD. As for the password length issue, known password length is only an issue with dictionary passwords, as length l-1 is always many times easier to check than length l, so any such checking algorithm always starts at the smallest length and works up. The worst case (security wise) senario only gains the attacker 1/n comparisons, such that n is the number of potential characters selectable for any given character position. i.e 1/n < 1/26 -Julian A. (proff@suburbia.net)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612140724.SAA05070>