Comments on: Hacker’s Holy Grail - Redefined by Microsoft… http://artofinfosec.com/56/hackers-holy-grail-redefined-by-microsoft/ Random Insights on Protecting Data, Privacy, and Digital Infrastructure Thu, 28 Aug 2008 13:30:01 +0000 http://wordpress.org/?v=2.6 By: Bozidar Spirovski http://artofinfosec.com/56/hackers-holy-grail-redefined-by-microsoft/#comment-189 Bozidar Spirovski Tue, 29 Jul 2008 12:15:48 +0000 http://artofinfosec.com/?p=56#comment-189 In a process of computer forsensics it is quite frequent that the forensic team employs tools which will analyze browser cookies, decrypt passwords, search for hidden text etc, much like a hacker. To be very frank, both forensic experts and hackers might find themselves using the same tools. But that doesn't mean that Microsoft produced anything new or spectatular. The same set of tools can be found in Helix forensic CD or several oter toolkits - when looking at open platforms and known standards, the tools are already outhere - and they are mostly free. What Microsoft could have done to empower government officials (FBI, DEA etc) is to produce tools that employ backdoors into their systems to achieve certain forensic actions at a faster rate. But this would be a very dangerous road to tread on - since any such back door will become public domain knowledge before long, and then MS will be deemed extremely insecure - once again Bozidar Spirovski http://www.shortinfosec.net In a process of computer forsensics it is quite frequent that the forensic team employs tools which will analyze browser cookies, decrypt passwords, search for hidden text etc, much like a hacker. To be very frank, both forensic experts and hackers might find themselves using the same tools.

But that doesn’t mean that Microsoft produced anything new or spectatular. The same set of tools can be found in Helix forensic CD or several oter toolkits - when looking at open platforms and known standards, the tools are already outhere - and they are mostly free.

What Microsoft could have done to empower government officials (FBI, DEA etc) is to produce tools that employ backdoors into their systems to achieve certain forensic actions at a faster rate. But this would be a very dangerous road to tread on - since any such back door will become public domain knowledge before long, and then MS will be deemed extremely insecure - once again

Bozidar Spirovski
http://www.shortinfosec.net

]]> By: Erik http://artofinfosec.com/56/hackers-holy-grail-redefined-by-microsoft/#comment-66 Erik Wed, 30 Apr 2008 11:21:01 +0000 http://artofinfosec.com/?p=56#comment-66 Rory - I concede that your are probably right. The exploit functions are the functions that permit for cracking passwords, reading memory contents, etc. via the USB port on a running machine, and I don't know how much of that functionality is on the device. I am trying to get more detailed information and I will pass that on (with corrections to my post of course ;-) ) as I am able to get it. Thanks for your comment. Erik Rory -

I concede that your are probably right. The exploit functions are the functions that permit for cracking passwords, reading memory contents, etc. via the USB port on a running machine, and I don’t know how much of that functionality is on the device.

I am trying to get more detailed information and I will pass that on (with corrections to my post of course ;-) ) as I am able to get it.

Thanks for your comment.
Erik

]]> By: Rory McCune http://artofinfosec.com/56/hackers-holy-grail-redefined-by-microsoft/#comment-65 Rory McCune Wed, 30 Apr 2008 05:25:39 +0000 http://artofinfosec.com/?p=56#comment-65 I'm not quite sure how you're making the jump from the quote saying 150 commands to the idea that those commands will be exploits. I'd expect the commands on the key to be forensics tools like you see on some of the bootable Linux forensics distributions which help an investigator gather information from a potential target machine. I’m not quite sure how you’re making the jump from the quote saying 150 commands to the idea that those commands will be exploits.

I’d expect the commands on the key to be forensics tools like you see on some of the bootable Linux forensics distributions which help an investigator gather information from a potential target machine.

]]>