We do not take a trip. The trip takes us.
Finally back from Shmoocon and Washington D.C. I had an absolute blast and now I'm ready to get back to work. While there's a lot I want to talk about regarding the Con and some of the other research going on, I'll save that for my next post. I finally got a chance to sit down and watch my own presentation on rainbow tables, and there are a couple of things I'd like to add. The real focus on this research is to help law enforcement . Ideally I see a central agency who has the spare computer power generating rainbow tables containing very complex word mangling rules and large dictionary files. They would then distribute these tables to state and local agencies who don't have the resources to do much in the way of password cracking. This way these local agencies can cheaply crack a large number of passwords without having to invest in the resources to do so. Now this won't help with salted files, but in instances where the bad guy uses the same password on both t...