Geometry.Net - the online learning center

         Ward Grady:
  1. Moby Word Lists
  2. Torts: Cases and Questions,2004 publication by Ward-Grady,Mark F Farnsworth, 2004-01-01
  3. Michael Waldron and Mary Grady: A family history by Kathleen Rauschl Ward, 2001
  4. Torts: Cases and Questions: TEACHER'S MANUAL by Ward and Grady, Mark Farnsworth, 2009
  5. Torts: Cases and Questions by Ward Farnsworth, Mark F. Grady, 2004-03-01
  6. Poets and Artists: O&S June 2010 by William Rose, 2010-05-07
  7. Anthology of Poetry & Short Fiction of the Pickup Poets Society by Terry Hensel, Katherine Ward, et al., 1997
  8. Dorothy Day: With Love for the Poor (Unsung Americans) by Jim O'Grady, 1993-09
  9. The new century speaker for school and college. A collection of extracts from the speeches of Henry Cabot Lodge, Chauncey M. Depew, Charles H. Parkhurst, Henry W. Grady, James G. Blaine, James A. Garfield, Henry Ward Beecher, William H. Seward, Wendell Phillips, George William Curtis, and others;
  10. AUSSIE ENGLISH AN EXPLANATION OF THE AUSTRALIAN IDIOM by JOHN O'GRADY, 1968
  11. The new century speaker for school and college. : a collection of extracts from the speeches of Henry Cabot Lodge, Chauncey M. Depew, Charles H. Parkhurst, Henry W. Grady, James G. Blaine, James A. Garfield, Henry Ward Beecher, William H. Seward, Wendell Philips, George William Curtis, and others
  12. Are you Irish or normal? by John O'Grady, 1970
  13. Children's Scripture Puzzles: Reproducible Activities and Family Discussion for Sundays Through the Church Year: (Cycle C) by Kathleen O'Connell Chesto, Elizabeth Chesto, 1991-12
  14. Red Hugh's captivity: A picture of Ireland, social and political, in the reign of Queen Elizabeth by Standish O'Grady, 1889

81. The Institute For Language, Speech And Hearing
On June 1 Grady Ward announced that the fruits of the Moby project were being placed in the public domain The Moby lexicon project is complete and has been
http://life.csu.edu.au/~lbenton/dict-thes/
On June 1 Grady Ward announced that the fruits of the Moby project were being placed in the public domain:
The Moby lexicon project is complete and has been placed into the public domain. Use, sell, rework, excerpt and use in any way on any platform. Placing this material on internal or public servers is also encouraged. The compiler is not aware of any export restrictions so freely distribute world-wide. You can verify the public domain status by contacting
Grady Ward
3449 Martha Ct.
Arcata, CA 95521-4884
grady@netcom.com
grady@northcoast.com
The project is available from this site: either as a complete distribution [26MB] or as a set of subprojects:
Moby Hyphenator
185,000 entries fully hyphenated
mhyph.tar.Z [980kB]
Moby Language
Word lists in five of the world's great languages
mlang.tar.Z [2.3MB]
Moby Part-of-Speech
230,000 entries fully described by part(s) of speech, listed in priority order
mpos.tar.Z [1.2MB]
Moby Pronunciator
175,000 entries fully International Phonetic Alphabet coded

82. Family Tree
GOSS Family; GOULD Family; Grady Family; Grady Family; Grady Family; GRAHAM Family; GRAV WARBURTON Family; Ward Family; Ward Family; WARNER Family; WATKINS Family; WATSON
http://alvyray.com/Family/Tree/
PLEASE USE THE NEW TREE
This old version will be removed in a month or so. I have changed genealogy database management programs. This old tree is now out-of-date. The new one contains everything in it plus much new information.
Family Tree
Alvy Ray Smith
Ultimate Family Tree, ver 3.10 Patch
ALL Project Version 2470
January 24, 2003
Table of Contents

83. Volume 2 Of Bankruptcy Trial
5 BY MR. ZLOTOFF 6 Q. Ms. Lucas, are you aware of someone named Grady Ward? 7 A. Yes. 8 Q. And who is Grady Ward? 9 MR. ROSEN Objection, irrelevant. 10 MR.
http://www.operatingthetan.com/day2bk.htm
UNITED STATES BANKRUPTCY COURT FOR THE NORTHERN DISTRICT OF CALIFORNIA
BEFORE THE HONORABLE ARTHUR S. WEISSBRODT, JUDGE
In Re: HOWARD KEITH HENSON, Debtor.
Case No. 98-51326-ASW
Chapter 13
TRIAL, Volume II
Pages 180 to 362
Monday, September 30, 2002
San Jose, California
Appearances:
For the Debtor: Law Offices of Stanley A. Zlotoff, By: Stanley A. Zlotoff, Attorney at Law, 300 South First Street, Suite 215, San Jose, California 95113
Technology Center: By: Helena K. Kobrin, Attorney at Law, 3055 Wilshire Boulevard, Suite 900, Los Angeles, California 90010

84. Untitled
note This file was prepared by me from the roget13a.txt file that belongs to the Moby project files put into the public domain by Grady Ward (Grady@netcom.com
http://www.ncc.up.pt/~mig/dic/htmlmroget/mroget.html
THESAURUS OF ENGLISH WORDS AND PHRASES
Thesaurus-111
Version 1.02
Edited by Miguel Filgueiras
R. do Campo Alegre 823, 4150 Porto, Portugal
Phone: +351-2-6078830 Fax: +351-2-6003654
email: mig@ncc.up.pt
November 1998
Editorial note
This file was prepared by me from the roget13a.txt file that belongs to the Moby project files put into the public domain by Grady Ward (grady@netcom.com, grady@northcoast.com). Check the accompanying readme file for more details. I prepared an index of the entries and an index of the pages of the original thesaurus (as given in the Moby file; there are five pages not marked). I corrected some obvious mistakes and I also made a few changes in the introductory section when the information given was not of concern to users of this version. Most of the changes were performed by computer programs and were not verified. As those programs were based on assumptions about the formatting conventions of the original file it may happen that errors were introduced in this way. Please report any errors to me so that I may correct them.
Miguel Filgueiras
  • Foreword
  • CLASS I: WORDS EXPRESSING ABSTRACT RELATIONS
  • CLASS II. WORDS RELATING TO SPACE

    85. PGP - Passphrase FAQ
    a widespread problem.' (E. Dexheimer). Comments to Grady Ward, Grady@netcom.com. Contributors John Kelsey, c445585@mizzou1.missouri
    http://www.unix-ag.uni-kl.de/~conrad/krypto/passphrase-faq.html
    Taken from alt.security.pgp
    Passphrase FAQ
    V. 1.0
    2 October 1993
    '"PGP," warns Dorothy Denning, a Georgetown University professor who has worked closely with the National Security Agency, "could potentially become a widespread problem."' (E. Dexheimer)
    Comments to: Grady Ward, grady@netcom.com
    Contributors:
    John Kelsey, c445585@mizzou1.missouri.edu: Appendix A
    RSA Data Security: Appendix C. The MD5 Algorithm
    Jim Gillogly: Appendix D. The Secure Hash Algorithm
    FAQ: How do I choose a good password or phrase?
    ANS: Shocking nonsense makes the most sense.
    With the intrinsic strength of some of the modern encryption, authentication, and message digest algorithms such as RSA, MD5, SHS and IDEA the user password or phrase is becoming more and more the focus of vulnerability.
    For example, Deputy Ponder with the Los Angeles County Sheriff's Department admitted in early 1993 that both they and the FBI despaired of breaking the PGP 1.0 system except through a successful dictionary attack (trying many possible passwords or phrases from lists of probable choices and their variations) rather than "breaking" the underlying cryptographic algorithm mathematically.
    The fundamental reason why attacking or trying to guess the user's password or phrase will increasingly be the focus of cryptanalysis is that the user's choice of password may represent a much simpler cryptographic key than optimal for the encryption algorithm being used. This weakness of the user's password choice provides the potential cryptanalytic wedge.

    86. My Family
    Grady Ward. Parents Lorenza S. Ward and Lucinda MALLET. Grady Leon Ward. Parents Thomas Jackson (Jack) Ward and Clara Luticia Brunson. Gurdy Ward.
    http://www.fortunecity.com/millennium/hindmarsh/384/d1022.htm
    George Washington Ward was born on 10 Oct 1902 in FL?. He died on 3 Jan 1981 in FL?. He was married to Bertha Lucille POWELL about 1925. Children were: Lana Ward Larry Ward Georgia Ann WARD was born in Nov 1866 in Walton Co., FL. She died in 1942. Buried at Davisville, Escambia Co., FL Parents: Celestine Josiah Thomas William Augustus WARD and Nancy Elizabeth (Bettie) MAJORS Children were: Semmie MILLER Oscar MILLER Richard Stephen MILLER Rosa Belle MILLER Children were: Michael Blake BAKER Walter L. (Sigbee) BAKER Arnie BAKER Kilby BAKER ... Audrey (Aud) BAKER Georgia Anna WARD was born on 4 Jul 1887 in Baldwin Co., AL. Parents: Zachariah Thomas WARD and Matilda HARRIS Children were: Addie Mae VAUGHAN Lucille VAUGHAN Anna Inez VAUGHAN Mary Lee VAUGHAN ... Gertrude VAUGHAN Georgia Ruth WARD was born in Apr 1920. She died in Apr 1920. Parents: James Oscar Elijah WARD and Carrie Otis MAJORS Gertrude WARD Gertrude (Gurdy) WARD Gilbert WARD was born on 15 Sep 1896 in FL. He died on 18 Nov 1954. Buried at Molino, Escambia Co., FL.
    Parents: James Riley (Dock) WARD and Julia GRIMES Gladys M. WARD

    87. My Family
    John G. Ward was born in 1874 in FL. Parents John Green (Grady) Ward and Emma HORN. John Green (Grady) Ward was born on 19 Aug 1851 in AL.
    http://www.fortunecity.com/millennium/hindmarsh/384/d1024.htm
    James Woodrow (Jimmy) , Jr. Ward was born on 22 Nov 1943. Parents: James Woodrow (J. W.) Ward and Josephine Albert Children were: Christie WARD Matthew WARD Jane WARD was born in 1835 in Jackson Co., MS. Parents: Tarleton Solomon , Sr. WARD and Sarah (Sally) CHILDRESS Jane Carolyn WARD was born on 14 Sep 1956. Parents: Alvin Aster WARD and Mary Pauline BEASLEY Janice Michelle WARD was born on 8 Feb 1967 in Pensacola, Escambia Co., FL. Parents: William Francis (Bill) WARD and Mary Elizabeth WATSON Janice Sylva WARD was born on 4 Dec 1936 in Niceville, FL. Parents: Sill (Teen) WARD and Myrl Frances BOLES She was married to Barnett COTHRON on 7 Mar 1956. Jason Lee WARD was born on 30 Aug 1966. Parents: James Marshall WARD and Barbara SAULS Jasper N. WARD was born on 4 Oct 1877 in FL. He died on 8 May 1961. Parents: Elijah (Lige) WARD and Catherine MERRITT Jeanette WARD was born on 29 Apr 1901. She died on 9 Nov 1958. Parents: Emanuel (Man) WARD and Emma Adkisson Jeanette WARD was born in 1834 in Jackson Co., MS. Parents:

    88. 404 Not Found
    Computers Walton, Izaak • The Compleat Angler Ward, Adolphus William, Sir • Chaucer Ward, Artemus • The Complete Works Ward, Grady • Moby Hyphenation
    http://www.globusz.com/authors_w.html

    89. The Church Of Scientology Vs. The Net
    The first hearing was held on Friday, April 12. Scientology sues and deposes Grady Ward. On March 21, 1996, the Church of Scientology
    http://users.westnet.gr/~cgian/cos.htm
    This page was created by Ron Newman. The opinions expressed here are solely those of the author, and are not necessarily shared by anyone else.
    The Church of Scientology is a religious cult which has unwisely decided to declare war against the Usenet and Internet communities. Since December of 1994, this Church and its followers have committed numerous acts that are hostile to the spirit of free speech on the Net. This web page is intended to document these activities.
    Quick index:

    90. PC AI - Natural Language Processing
    (info@attar.com). Grady Ward, Grady@netcom.com. J. Markowitz Consulting, Markwitz@steve.iit.edu.Language and Auditory Systems, languagesystems@cs.yale.edu.
    http://www.pcai.com/web/ai_info/natural_lang_proc.html
    Natural Language Processing
    Natural Language Processing Information on the Internet
    The MIT InfoLab Group: The MIT InfoLab Group develops intelligent interactive software systems that help people access information and solve problems on human terms. They conduct research in natural language processing and multimedia information access.
    The Natural Language Group at ISI: Home page for the Natural Language Group at the Information Sciences Institute at the University of Southern California. Find information about the research performed by the group as well as several demonstrations.
    Natural Language Processing FAQ: Find answers to frequently asked questions about natural language processing.
    Natural Language Processing Links: Find links to natural language processing web sites.
    NLPLAB Web Home Page: Learn about current research and find software and other resources on natural language processing.

    91. Preckwinkle Faces Slimmer Field In 4th Ward Aldermanic Election
    An alderman is supposed to serve all of the constituency of the Ward. Two other challengers, 23-year-old Russel Grady, a recent college graduate, and Arthur
    http://www.chicagomaroon.com/news/359486.html

    92. ARS Week In Review 14 April 1996
    Grady Ward Update. Grady Ward was deposed by cult attorneys this week. He was questioned for about 10 hours concerning items such
    http://www.byte-me.org/~mallen/scn/arswr/vol0/ars0_49.html

    93. 600000 People Connected With European Royalty
    Born Christened Died Buried Spouse Grady Dillard Rogers (living) Born Christened Died Buried Denver John Ward Wanda Mozelle Heard
    http://www.e-familytree.net/f4548.htm
    SPECULATIVE TREE. Most of the information in this tree is unverified by me - it's been traded freely on the internet. All corrections and additions would be gratefully accepted.
    This data changes often. If you've arrived from a search engine, it's likely you don't see the information you're looking for. If you go here you can use my index to find who you're looking for.
    It costs me $50.00 (US) a month to host e-familytree.net. It currently gets 3000 unique visitors a day. If only 10% of the people (300) donated .05 of their local currency each, I'd almost cover my costs. So if you can, please donate a bit to keep this place going! Thanks for your help!
    Rob Salzman
    e-familytree.net
    4130 SW 117th Ave #415
    Beaverton, OR

    600000 people connected with European Royalty
    Husband James Edward Haynes Jr
    Born: 11 Nov 1920 - Pickens Co., SC Christened: Died: Buried: Feb 1981 - CA
    Father: James Edward Haynes (1881-1958) Mother: Ada Wright (1879- )
    Married:
    Wife Thelma Unknown
    Born: Christened: Died: Buried:
    Husband James Edward Haynes
    Born: 4 Jun 1881 - Pickens, Pickens Co., SC Christened: Died: 28 May 1958 - Liberty, Pickens Co., SC Buried: 1958 - Liberty Cemetery, Pickens Co., SC

    94. 1880 Federal Census, Rensselaer County, Troy NY-6th Ward
    1880 Federal Census, Rensselaer County, Troy NY-6th Ward. Gallagher to Griffen. Madison St. 262b, Grady, James P. 28, son, works box ? New York, Ireland, Ireland.
    http://www.connorsgenealogy.com/troy/6thward-g1.htm
    1880 Federal Census, Rensselaer County, Troy NY-6th Ward
    Gallagher to Griffen
    Address Page Surname First Age Relation Occupation Born Father Mother
    River St. Gallagher Thomas Boarder Puddler's Helper New York Ireland Ireland
    757 Fourth St Gallagher Jane granddaughter New York Ireland New York
    757 Fourth St Gallagher Mary A. daughter at home New York Ireland Ireland
    Stow Avenue Gallagher Edward 8 mos. Grandson New York New York Ireland
    Stow Avenue Gallagher Jennie Granddaughter New York New York Ireland
    Stow Avenue Gallagher Teresa Daughter Laundress Ireland Ireland Ireland
    Stow Avenue Gannon Charles Son At School New York Ireland New York
    Stow Avenue Gannon Henry Son New York Ireland New York
    Stow Avenue Gannon James Son At School New York Ireland New York
    Stow Avenue Gannon John Head Steel Worker Ireland Ireland Ireland
    Stow Avenue Gannon Mary Daughter New York Ireland New York
    Stow Avenue Gannon Rose Daughter New York Ireland New York
    Stow Avenue Gannon Susan Daughter New York Ireland New York
    Stow Avenue Gannon Susan Wife Keeping House New York Ireland Ireland
    Willis St. Gardiner Annie Daughter At School New York New York New York
    Willis St.

    95. Cherokee County Kansas Genealogy Queries Aug. 1996
    KS. Any information on this family would be appreciated. Carolyn Ward, PO Box 77, Columbus, KS 66725. COOK, MARSHALL. BRADY, Grady, HARRIGAN, McCORMICK, O'HARA.
    http://skyways.lib.ks.us/genweb/cherokee/1996/q96-8.html
    Cherokee County Kansas Queries Please note: a query must pertain to Cherokee Co. Kansas to be posted here.
    Queries Aug. 1996
    Adam Allen Brady Cook ... Ward
    MEEKER, MITCHELL
    Researching the MITCHELL and MEEKER families in Cherokee co. MITCHELL family was there from 1867 to 1950. MEEKER family from 1866 to 1953.
    Grace E. Loyd
    RR4, Box 207
    Columbus, Kansas 66725
    ALLEN
    Researching the ALLEN family. In Cherokee co. since 1867. Contact:
    Winona Allen Goedeke
    20036 York Rd.
    Oswego, KS 67356.
    DUGGER, WARD
    tcward@columbus-ks.com Tom Ward Nov 1996
    Researching the DUGGER and WARD families. They were in Cherokee co. by 1870 to the present.
    Tom Ward
    PO Box 77
    Columbus, KS 66725
    KIKER
    tcward@columbus-ks.com Carolyn Ward Nov 1996 Benjamin Franklin KIKER was born in Empire, Cherokee Co. KS in Nov 1899. His parents were Wm. Martin Luther KIKER and Cordelia Frances HOLLOWAY. Anything you have to share on this family would be appreciated. Carolyn Ward PO Box 77 Columbus, KS 66725
    JAMES
    tcward@columbus-ks.com Carolyn Ward Nov 1996 Researching the JAMES family in Cherokee County. Walter Rutherford, b. 1852, and Lurana Rosella (DUNAWAY) JAMES, b. 1859 and their children were living in Cherokee Co. by 1893 when Lurana died, probably in childbirth. She is buried in Lone Elm Cemetery. Their daughter Treacy (1882-1895) was also buried in Lone Elm Cemetery. The family was in Colorado by 1904 when Walter died. Their children included: Mildred Louise b. 1880 in Linn Co. KS, Clarence Marion b. 1884 in Chase Co. KS, Myrtle S. (1886-1886) Chase Co. KS, Jennie Louella b. 1887, Gracie Ann b. 1889 in Chase Co. KS. Any information on this family would be appreciated.

    96. Ancestry Message Boards - Message [ O'Grady ]
    and age 24 born in Ireland, 3rd Ward Chicago. There are others outside of Chicago.The 1880 United States Census National Index lists O'Grady and Grady
    http://boards.ancestry.com/mbexec/message/an/surnames.o-27-grady/22
    Mary O'Grady Chicago
    Author: robert niersbach
    Date: 6 Sep 2002 10:42 PM GMT
    Surnames: O'Grady, McDonnell, Considine, Niersbach
    Classification: Query
    Mary O'Grady married Peter McDonnell and they lived in Chicago's Bridgeport neighborhood. They were the parents of my grandmother Angela, who was born Sept. 15, 1877. Angela married Daniel J. Considine on June 25, 1902 at St. Bridget Church. She died May 01, 1944 and is buried in Mt. Olivet Cemetery, Chicago.
    I am seeking any information about the ancestors of Mary O'Grady. The "O" may have been shed at times.
    FAMILY QUEST: Illinois 1870 lists these Mary Gradys in Cook County - age 51 born in Ireland, 18th Ward Chicago; age 43 born in OH, 4th Ward Chicago; age 36 born in Ireland, 8th Ward Chicago; age 24 born in Ireland, 1st Ward Chicago and age 24 born in Ireland, 3rd Ward Chicago.
    There are others outside of Chicago.

    97. Web.textfiles.com/software/sfs5.txt
    Footnote 4 Grady Ward Grady@netcom.com has collected very large collections of words, phrases, and other items suitable for dictionary attacks on
    http://web.textfiles.com/software/sfs5.txt
    The Care and Feeding of Passwords - With the inherent strength of an encryption system like the one used by SFS, the password used for encryption is becoming more the focus of attack than the encryption system itself. The reason for this is that trying to guess an encryption password is far simpler than trying to break the encryption system. SFS allows keys of up to 100 characters in length. These keys can contain letters, numbers, spaces, punctuation, and most control and extended characters except backspace (which is used for editing), escape (which is used to abort the password entry), and carriage return or newline, which are used to signify the end of the password. You should try and take advantage of this fact as much as possible, with preferred passwords being entire phrases rather than individual words (in fact since very few words are longer than the SFS absolute minimum password length of 10 characters, the complete set of these words can be checked in moments). There exist programs designed to allow high-speed password cracking of standard encryption algorithms which can, in a matter of hours (sometimes minutes, even seconds in the case of very weak algorithms), attempt to use the contents of a number of very large and complete dictionaries as sample passwords [1][2][3][4][5]. For example one recent study of passwords used on Unix systems[6] found 25% of all passwords simply by using sophisticated guessing techniques. Of the 25% total, nearly 21% (or around 3,000 passwords) were found within the first week using only the spare processing power of a few low-end workstations. 368 were found within the first few minutes. On an average system with 50 users, the first password could be found in under 2 minutes, with 5-15 passwords being found by the end of the first day[7]. 
Virtually all passwords composed of single words can be broken with ease in this manner, even in the case of encryption methods like the one which is used by SFS, which has been specially designed to be resistant to this form of attack (doing a test of all possible 10-letter passwords assuming a worst-case situation in which the password contains lowercase letters only, can be accomplished in 450,000 years on a fast workstation (DEC Alpha) if the attacker knows the contents of the encrypted volume in advance - or about 4 1/2 years on a network of 100,000 of these machines). Of course no attacker would use this approach, as few people will use every possible combination of 10 letter passwords. By using an intelligent dictionary-based cracking program, this time can be reduced to only a few months. Complete programs which perform this task and libraries for incorporation into other software are already widely available[8]. This problem is especially apparent if the encryption algorithm used is very weak - the encryption used by the popular Pkzip archiver, for example, can usually be broken in this manner in a few seconds on a cheap personal computer using the standard wordlist supplied with all Unix systems[9]. You shouldn't rely on simple modifications to passwords for security. Capitalizing some letters, spelling the words backwards, adding one or two digits to the end, and so on, increase the amount of work which needs to be done by the average password-cracker by only a small amount over that needed for plain unadorned passwords. You should avoid any phrase which could be present in any kind of list (song lyrics, movie scripts, books, plays, poetry, famous sayings, and so on) - again, these can be easily and automatically checked by computers. Using foreign languages offers no extra security, since it means an attacker merely has to switch to using foreign-language dictionaries (or phrase lists, song lyrics, and so on). 
Relying on an attacker not knowing that a foreign language is being used ("If I use Swahili they'll never think of checking for it" - the so-called "Security through obscurity" technique) offers no extra security, since the few extra days or months it will take to check every known language are only a minor inconvenience. Probably the most difficult passwords to crack are ones comprising unusual phrases or sentences, since instead of searching a small body of text like the contents of a dictionary, book, or phrase list, the cracker must search a much larger corpus of data, namely all possible phrases in the language being used. Needless to say, the use of common phrases should be avoided, since these will be an obvious target for crackers. Some examples of bad passwords are: misconception Found in a standard dictionary noitpecnocsim Reversed standard dictionary word miskonseption Simple misspelling of a standard word m1skon53pshun Not-so-simple misspelling of a standard word MiScONcepTiON Standard word with strange capitalization misconception1234 Standard word with simple numeric code appended 3016886726 Simple numeric code, probably a US phone number YKYBHTLWYS Simple mnemonic In general coming up with a secure single-word password is virtually impossible unless you have a very good memory for things like unique 20-digit numbers. Some examples of bad passphrases are: What has it got in its pocketses? 
Found in a common book Ph'n-glui mgl'w naf'h Cthulhu R'yleh w'gah Found in a somewhat less common book For yesterday the word of Caesar might have stood Found in a theatrical work modify the characteristics of a directory Found in a technical manual T'was brillig, and the slithy toves Found in a book of poetry I've travelled roads that lead to wonder Found in a list of music lyrics azetylenoszilliert in phaenomenaler kugelform Found in an obscure foreign journal Arl be back Found in several films I don't recall Associated with a famous person (although it does make a good answer to the question "What's the password?" during an interrogation) Needless to say, you should never write a passphrase down or record it in any other way, or communicate it to anyone else. Footnote [1]: A large collection of word lists suitable for this kind of attack can be found on ftp.ox.ac.uk in directories below the /pub/wordlists directory, and total about 15MB of compressed data. These dictionaries contain, among other things, 2MB of Dutch words, 2MB of German words, 600KB of Italian words, 600KB of Norwegian words, 200KB of Swedish words, 3.3MB of Finnish words, 1MB of Japanese words, 1.1MB of Polish words, 700KB of assorted names, and a very large collection of assorted wordlists covering technical terms, jargon, hostnames, internet machine names, login ID's, usenet sites, computer languages, computer companies, the Koran, the Bible, the works of Lewis Carrol, Shakespeare, acronyms, characters from books, plays and films, actors given names, actors surnames, titles from movies, plays, and television, Monty Python, Star Trek, US politics, US postal areas, US counties, the CIA world fact book, the contents of several large standard dictionaries and thesaurii, and common terms from Australian, Chinese, Croatian, Danish, Dutch, English, Finnish, French, German, Hindi, Hungarian, Italian, Japanese, Latin, Norwegian, Polish, Russian, Spanish, Swahili, Swedish, Yiddish, computers, 
literature, places, religion, and scientific terms. The ftp.ox.ac.uk site also contains, in the directory /src/security, the file cracklib25.tar.Z, a word dictionary of around 10MB, stored as a 6.4MB compressed tar file. Footnote [2]: A large dictionary of English words which also contains abbreviations, hyphenations, and misspelled words, is available from wocket.vantage.gte.com (131.131.98.182) in the /pub/standard_dictionary directory as dic-0594.tar, an uncompressed 16.1MB file, dic-0594.tar.Z, a compressed 7.6MB file, dic-0594.tar.gz, a Gzip'ed 5.9MB file, and dic-0594.zip, a Zipped 5.8MB file. This contains around 1,520,000 entries. In combination with a Markov model for the English language built from commonly-available texts, this wordlist provides a powerful tool for attacking even full passphrases. Footnote [3]: A Unix password dictionary is available from ftp.spc.edu as .unix/password-dictionary.txt. Footnote [4]: Grady Ward has collected very large collections of words, phrases, and other items suitable for dictionary attacks on cryptosystems. Even the NSA has used his lists in their work. Of particular interest are Moby Words, which contains 610,000 English entries including Scrabble(tm) compatible words, baby names, word frequencies, special subsets for spelling checkers and more, Moby Part-of-Speech, which contains 230,000 words and phrases marked with full part-of-speech data (in priority order for those words having more than one part-of-speech), Moby Pronunciator with 175,000 words and phrases fully coded with International Phonetic Alphabet (IPA) ASCII symbols including up to three levels of emphasis (stress), and Moby Thesaurus with 30,000 root words and more than 2.5 million synonyms and related words. Samples of each of the lexical databases are available from ftp.netcom.com (192.100.81.100) in the /pub/grady directory as Moby-Sampler.tar.Z. 
A Postscript brochure describing the lists is available from the same location as Moby_Brochure8.5x14.ps.Z, the full datasets can be obtained from Grady Ward, 3449 Martha Ct., Arcata, CA 95521-4884, ph/fax 1-707-826-7715 Footnote [5]: A number of CDROM's are available which contain information useful for password-cracking. Two of these are the Chestnut "Dictionaries and Languages" CDROM and the Walnut Creek "Project Gutenberg" CDROM. Footnote [6]: Daniel Klein, "Foiling the Cracker: A Survey of, and Improvements to, Password Security", Software Engineering Institute, Carnegie Mellon University. Footnote [7]: An improved implementation is approximately 3 times faster on an entry-level 386 system, 4 times faster on an entry-level 486 system, and up to 10 times faster on a more powerful workstation such as a Sparcstation 10 or DEC 5000/260, meaning that the first password would be found in just over 10 seconds on such a machine. Footnote [8]: One such program is "crack", currently at version 4.1 and available from ftp.ox.ac.uk in the directory /src/security as crack41.tar.Z. Footnote [9]: Actual cryptanalysis of the algorithm, rather than just trying passwords, takes a little longer, usually on the order of a few hours with a low-end workstation. However this method will (after a little work) break all encrypted zip files, not just the ones for which the password can be guessed. Other Software There are a small number of other programs available which claim to provide disk security of the kind provided by SFS. However by and large these tend to use badly or incorrectly implemented algorithms, or algorithms which are known to offer very little security. One such example is Norton's Diskreet, which encrypts disks using either a fast proprietary cipher or the US Data Encryption Standard (DES). The fast proprietary cipher is very simple to break (it can be done with pencil and paper), and offers protection only against a casual browser. 
Certainly anyone with any programming or puzzle-solving skills won't be stopped for long by a system as simple as this[1]. The more secure DES algorithm is also available in Diskreet, but there are quite a number of implementation errors which greatly reduce the security it should provide. Although accepting a password of up to 40 characters, it then converts this to uppercase-only characters and then reduces the total size to 8 characters of which only a small portion are used for the encryption itself. This leads to a huge reduction in the number of possible encryption keys, so that not only are there a finite (and rather small) total number of possible passwords, there are also a large number of equivalent keys, any of which will decrypt a file (for example a file encrypted with the key 'xxxxxx' can be decrypted with 'xxxxxx', 'xxxxyy', 'yyyyxx', and a large collection of other keys, too many to list here). These fatal flaws mean that a fast dictionary-based attack can be used to check virtually all possible passwords in a matter of hours on a standard PC. In addition the CBC (cipher block chaining) encryption mode used employs a known, fixed initialisation vector (IV) and restarts the chaining every 512 bytes, which means that patterns in the encrypted data are not hidden by the encryption. Using these two implementation errors, a program can be constructed which will examine a Diskreet-encrypted disk and produce the password used to encrypt it (or at least one of the many, many passwords capable of decrypting it) within moments. In fact, for any data it encrypts, Diskreet writes a number of constant, fixed data blocks (one of which contains the name of the programmer who wrote the code, many others are simply runs of zero bytes) which can be used as the basis of an attack on the encryption. 
Even worse, the very weak proprietary scheme used by Diskreet gives away the encryption key used so that if any two pieces of data are encrypted with the same password, one with the proprietary scheme and the other with Diskreet's DES implementation, the proprietary-encrypted data will reveal the encryption key used for the DES-encrypted data[1]. These problems are in fact explicitly warned against in any of the documents covering DES and its modes of operation, such as ISO Standards 10116 and 10126-2, US Government FIPS Publication 81, or basic texts like Denning's "Cryptography and Data Security". It appears that the authors of Diskreet never bothered to read any of the standard texts on encryption to make sure they were doing things right, or never really tested the finished version. In addition the Diskreet encryption code is taken from a code library provided by another company rather than the people who sell Diskreet, with implementation problems in both the encryption code and the rest of Diskreet.

The DES routines used in Da Vinci, a popular groupware product, are similarly poorly implemented. Not only is an 8-character password used directly as the DES key, but the DES encryption method used is the electronic codebook (ECB) mode, whose use is warned against in even the most basic cryptography texts and, in a milder form, in various international encryption standards. For example, Annex A.1 of ISO 10116:1991 states "The ECB mode is in general not recommended". ISO 10126-2:1991 doesn't even mention ECB as being useful for message encryption. The combination of Da Vinci's very regular file structure (which provides an attacker with a large amount of known data in every file), the weak ECB encryption mode, and the extremely limited password range, makes a precomputed dictionary attack (which involves a single lookup in a pre-set table of plaintext-ciphertext pairs) very easy (even easier, in fact, than the previously-discussed attack on Unix system passwords).
In fact, as ECB mode has no pattern hiding ability whatsoever, all that is necessary is to encrypt a common pattern (such as a string of spaces) with all possible dictionary password values, and sort and store the result in a table. Any password in the dictionary can then be broken just as fast as the value can be read out of the table.

PC Tools is another example of a software package which offers highly insecure encryption. The DES implementation used in this package has had the number of rounds reduced from the normal 16 to a mere 2, making it trivial to break on any cheap personal computer. This very weak implementation is distributed despite a wide body of research which documents just how insecure 2-round DES really is[2].

Even a correctly-implemented and applied DES encryption system offers only marginal security against a determined attacker. It has long been rumoured that certain government agencies and large corporations (and, no doubt, criminal organizations) possessed specialized hardware which allowed them to break the DES encryption. However only in August of 1993 have complete constructional details for such a device been published. This device, for which the budget version can be built for around $100,000, can find a DES key in 3.5 hours for the somewhat more ambitious $1 million version (the budget version takes 1 1/2 days to perform the same task). The speed of this device scales linearly with cost, so that the time taken can be reduced to minutes or even seconds if enough money is invested. This is a one-off cost, and once a DES-breaking machine of this type is built it can sit there day and night churning out a new DES key every few minutes, hours, or days (depending on the budget of the attacker).

In the 1980s, the East German company Robotron manufactured hundreds of thousands of DES chips for the former Soviet Union.
This means one of two things: Either the Soviet Union used the chips to build a DES cracker, or they used DES to encrypt their own communications, which means that the US built one.

The only way around the problem of fast DES crackers is to run DES more than once over the data to be encrypted, using so-called triple DES (using DES twice is as easy to attack as single DES, so in practice three iterations must be used). DES is inherently slow. Triple DES is twice as slow[3]. A hard drive which performs like a large-capacity floppy drive may give users a sense of security, but won't do much for their patience.

The continued use of DES, mainly in the US, has been due more to a lack of any replacement than to an ongoing belief in its security. The National Bureau of Standards (now National Institute of Standards and Technology) has only reluctantly re-certified DES for further use every five years. Interestingly enough, the Australian government, which recently developed its own replacement for DES called SENECA, now rates DES as being "inappropriate for protecting government and privacy information" (this includes things like taxation information and social security and other personal data). Now that an alternative is available, the Australian government seems unwilling to certify DES even for information given under an "in confidence" classification, which is a relatively low security rating[4].

In comparison, the RC4 encryption used in Lotus Notes has been deliberately designed to offer only a certain level of security which means it is exportable under the US crypto export restrictions. The key length is limited to 40 bits, making it possible to mount a brute-force attack against it in a reasonable amount of time[5]. A similar measure is used in IBM's Commercial Data Masking Facility, which uses a DES implementation limited to a 40-bit key.
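Footnote [6] of this section notes that RC4 repeats the user key to fill 256 bytes, so that 'aaaa' and 'aaaaa' give the same permutation. The following added example (not part of the original text or of any product named here) implements the standard RC4 key setup to show those equivalent keys; `canonical_key` and `derive_key` are hypothetical helpers, and hashing the passphrase before key setup is a common remedy assumed here, not something the page describes.

```python
import hashlib


def rc4_ksa(key: bytes) -> list:
    """RC4 initialization phase: build the permutation from the user's key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1 to 256 bytes long")
    s = list(range(256))
    j = 0
    for i in range(256):
        # key[i % len(key)] is where a short key gets repeated to 256 bytes.
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    return s


def rc4_keystream(key: bytes, n: int) -> bytes:
    """RC4 generation phase: n bytes of keystream for the given key."""
    s = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def canonical_key(key: bytes) -> bytes:
    """Shortest key that expands to the same 256 bytes (hypothetical helper).

    Every key with the same canonical form yields the same permutation and
    therefore the same keystream.
    """
    expanded = bytes(key[i % len(key)] for i in range(256))
    for n in range(1, len(key) + 1):
        if all(expanded[i] == expanded[i % n] for i in range(256)):
            return expanded[:n]
    return key


def derive_key(passphrase: bytes) -> bytes:
    """Assumed remedy: hash the passphrase so repeats no longer collapse."""
    return hashlib.sha256(passphrase).digest()[:16]


if __name__ == "__main__":
    # Constructed sample passphrases.
    for a, b in [(b"aaaa", b"aaaaa"), (b"ab", b"abab"), (b"ab", b"aba")]:
        raw = rc4_keystream(a, 16) == rc4_keystream(b, 16)
        hashed = rc4_keystream(derive_key(a), 16) == rc4_keystream(derive_key(b), 16)
        print(a, b, "same keystream:", raw, "| after hashing:", hashed)
```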
Although the RC4 algorithm has a number of interesting properties which make it less than perfect, the simplest attack is still a brute-force check of all possible 40-bit key combinations[6]. Both RC4 and the CDMF are properly designed and implemented, but have been weakened somewhat by the need to satisfy the US government's restrictions on the use of strong cryptography.

Finally, the add-on "encryption" capabilities offered by general software packages are usually laughable. Various programs exist which will automatically break the "encryption" offered by software such as Ami Pro, Arc, Arj, Lotus 123, the "improved encryption" in Lotus 123 3.x and 4.x, Lotus Symphony, Microsoft Excel, Microsoft Word, Novell Netware, Paradox, Pkzip 1.x, the "improved encryption" in Pkzip 2.x, Quattro Pro, Unix crypt(1), Wordperfect 5.x and earlier, the "improved" encryption in Wordperfect 6.x, and many others[7][8][9]. Indeed, these systems are often so simple to break that at least one package which does so adds several delay loops simply to make it look as if there were actually some work involved in the process. Although the manuals for these programs make claims such as "If you forget the password, there is absolutely no way to retrieve the document", the "encryption" used can often be broken with such time-honoured tools as a piece of paper, a pencil, and a small amount of thought.

Some programs which offer "password protection security" don't even try to perform any encryption, but simply do a password check to allow access to the data. Three examples of this are Stacker, Fastback, and Norton's partition security system, all three of which can either have their code patched or have a few bytes of data changed to ignore any password check before granting access to data.

Footnote [1]: There are at least three products available which will break both the proprietary and DES encryption used in Diskreet.
One publicly-available program which will perform this task is sold by a company called AccessData. More information on their encryption-breaking software can be found a few paragraphs down.

Footnote [2]: A 2-round version is in fact so weak that most attackers never bother with it. Biham and Shamir's "Differential Cryptanalysis of the Data Encryption Standard" only starts at 4 rounds, for which 16 encrypted data blocks are needed for a chosen-plaintext attack. A non-differential, ciphertext-only attack on a 3-round version requires 20 encrypted data blocks. A known-plaintext attack requires "several" encrypted data blocks. A 2-round version will be significantly weaker than the 3-round version. It has been reported that a university lecturer once gave his students 2-round DES to break as a homework exercise.

Footnote [3]: There are some clever tricks which can be used to make a triple DES implementation only twice as slow as single DES, rather than three times as slow as would be expected.

Footnote [4]: The Commonwealth of Australia Protective Security Manual (PSM) defines two classes of material, National Security Material and Sensitive Material. Sensitive Material is the lower classification category, and the "In-Confidence" category is the lowest sub-category for Sensitive Material, being defined in the PSM as "Material which requires a limited degree of protection. Unauthorised disclosure, loss, compromise, misuse of which, or damage to in-confidence data might possibly cause harm to the country, Government, or give unfair advantage to any entity". In addition "information considered private that needs some degree of protection should normally be categorised as In-Confidence".

Footnote [5]: A sieve array populated by single-bit boolean processors running at 40 MIPS would produce one trial per cycle, with the average time to break a 40 bit key by brute force (.5x10^12) being a little over three hours.
There are inexpensive DSPs (digital signal processors) available which can be used for this purpose, in a device costing a few tens of thousands of dollars.

Footnote [6]: RC4 has two parts, the initialization phase, and the random number generation phase used for the encryption itself. An array is initialized with the user's key to be a random permutation. The random number generator then mixes the permutation and reports values looked up pseudorandomly in that permutation. Among the weaknesses in RC4 are that there is too high a likelihood during the initialization phase that small values will remain in small positions in the initial permutation; user keys are repeated to fill 256 bytes, so 'aaaa' and 'aaaaa' produce the same permutation; results are looked up at pseudorandom positions in the array, and if some internal state causes a certain sequence of positions to be looked up, there are 255 similar internal states that will look up values in the same sequence of positions (although the values in those positions will be different), from which it can be shown that cycles come in groups of 2^n, where all cycles in a group have the same length, and all cycles are of an odd length * 256 unless they are in a group of 256; there is a bias in the results so that, for example, the pattern "a a" is too likely and the pattern "a b a" is too unlikely, which can be detected only after examining about 8 trillion bytes; the internal state is not independent of the results, so that with a given result there are two patterns in the internal state that appear 1/256 times more often than they ought to; and at least two separate methods exist for deducing the internal state from the results in around 2^900 steps.
In none of these cases do they reduce the complexity of an attack to anywhere near the level of simply trying all 2^40 keys - like the differential and linear cryptanalysis results for DES, they serve more as an indication of how strong the cipher is than how weak it is.

Footnote [7]: A package which will break many of these schemes is sold by AccessData, 560 South State, Suite J-1, Orem, Utah 84058, ph. 1-801-224-6970, fax 1-801-224-6009, email support@accessdata.com. AccessData's main European distributor, Key Exchange, is based in London, ph. +44-81-744-1551. They provide software which will break WordPerfect (versions 4.2-6.1, regular or enhanced encryption), Microsoft Word (versions 2.0-6.1), Microsoft Excel (all versions including the Macintosh one), Lotus 1-2-3 (all versions), Quattro Pro, Paradox, Pkzip, Norton's Diskreet (both DES and proprietary encryption), Novell NetWare (versions 3.x-4.x), and others. All the programs come with a 100% guarantee. AccessData also offers to its customers free in-house recovery of data created with applications like Quicken, Microsoft Money, and other simple (non-encryption based) password systems. AccessData provide a free demonstration disk which will decrypt files that have a password of 10 characters in length. The lengths of passwords other than 10 characters in length will be displayed, but not the password itself. They also make demo versions of their software available on their FTP site ftp.accessdata.com in the directory /pub/demo, and have a Web page at http://www.accessdata.com. As an example, a demo of their WordPerfect 6.0b encryption breaker is available from the FTP site as wrpassd.exe. More information on the contents of the directory is present in the directory itself.

Footnote [8]: A number of programs (too many to list here) which will break the encryption of all manner of software packages are freely available via the internet.
For example, a WordPerfect encryption cracker is available from garbo.uwasa.fi in the directory /pc/util as wppass2.zip. The Pkzip 1.x and 2.x encryption was first publicly broken by Paul Kocher in August 1994 (although the NSA must have broken it much earlier, as they allowed it to be exported from the US). His method works regardless of the password size or file content. The Ami Pro encryption was also first publicly broken by Paul Kocher in February 1995 (although again it was rumoured that private organisations had broken it much earlier). The method of breaking Ami Pro also works regardless of password size or file content.

Footnote [9]: CRAK Software produce encryption breaking software for a wide variety of popular word processor, spreadsheet, and financial programs including MS Excel 5.0, Lotus 123 version 4.0, Quattro Pro 6.0, MS Word 6.0, Wordperfect through to version 5.2, and Quicken through to version 4.0, with software to handle earlier versions of these programs available on request. Demo versions of some of these programs are available from ftp.indirect.com in the directory /www as excrak.zip, locrak.zip, qpcrak.zip, wdcrak.zip, and wpcrak.zip respectively. CRAK Software can be contacted at 1-800-484-9628 ext.7584 or through their WWW home page at http://www.indirect.com/johnk/

Footnote [10]: Why are you reading this footnote? Nowhere in the text is there a [10] referring you to this note. Go back to the start, and don't read this footnote again!

Data Security

This section presents an overview of a range of security problems which are, in general, outside the reach of SFS. These include relatively simple problems such as not-quite-deleted files and general computer security, through to sophisticated electronic monitoring and surveillance of a location in order to recover confidential data or encryption keys.
The coverage is by no means complete, and anyone seriously concerned about the possibility of such an attack should consult a qualified security expert for further advice.

You should remember when seeking advice about security that an attacker will use any available means of compromising the security of your data, and will attack areas other than those for which the strongest defense mechanisms have been installed. For this reason you should consider all possible means of attack, since strengthening one area may merely make another area more appealing to an opponent.

Information Leakage

There are several ways in which information can leak from an encrypted SFS volume onto other media. The simplest kind of information leakage is in the form of temporary files maintained by application software and operating systems, which are usually stored in a specific location and which, when recovered, may contain file fragments or entire files from an encrypted volume. This is true not only for the traditional word processors, spreadsheets, editors, graphics packages, and so on which create temporary files on disk in which to save data, but also for operating systems such as OS/2, Windows NT, and Unix, which reserve a special area of a disk to store data which is swapped in and out of memory when more room is needed.

This information is usually deleted by the application after use, so that you won't even be aware that it exists. Unfortunately "deletion" generally consists of setting a flag which indicates that the file has been deleted, rather than overwriting the data in any secure way. Any information which is "deleted" in this manner can be trivially recovered using a wide variety of tools[1]. In the case of a swap file there is no explicit deletion as the swap area is invisible to the user anyway. On a lightly-loaded system, data may linger in a swap area for a considerable amount of time.
The only real solution to this problem is to redirect all temporary files and swap files either to an encrypted volume or to a RAM disk whose contents will be lost when power is removed. Most programs allow this redirection, either as part of the program configuration options or by setting the TMP or TEMP environment variables to point to the encrypted volume or RAM disk. Unfortunately moving the swap area and temporary files to an encrypted volume results in a slowdown in speed as all data must now be encrypted. One of the basic premises behind swapping data to disk is that very fast disk access is available. By slowing down the speed of swapping, the overall speed of the system (once swapping becomes necessary) is reduced. However once a system starts swapping there is a significant slowdown anyway (with or without encryption), so the tradeoff between encrypting the swap file for added security or not encrypting it for added speed is up to you.

The other major form of information leakage with encrypted volumes is when backing up the data contained on them. Currently there is no generally available secure backup software (the few applications which offer "security" features are generally ridiculously easy to circumvent), so that all data stored on an encrypted volume will generally need to be backed up in unencrypted form. Like the decision on where to store temporary data and swap files, this is a tradeoff between security and convenience.

If it were possible to back up an encrypted volume in its encrypted form, the entire volume would have to be backed up as one solid block every time a backup was made. This could mean a daily backup of five hundred megabytes instead of the half megabyte which has changed recently. Incremental backups would be impossible. Backing up or restoring individual files would be impossible.
Any data loss or errors in the middle of a large encrypted block could be catastrophic (in fact the encryption method used in SFS has been carefully selected to ensure that even a single encrypted data bit changed by an attacker will be noticeable when the data is decrypted[2]).

Since SFS volumes in their encrypted form are usually invisible to the operating system anyway, the only way in which an encrypted volume can be backed up is by accessing it through the SFS driver, which means the data is stored in its unencrypted form. This has the advantage of allowing standard backup software and schedules to be used, and the disadvantage of making the unencrypted data available to anyone who has access to the backups. User discretion is advised.

If you regard it as absolutely essential that backups be encrypted, and have the time and storage space to back up an entire encrypted volume, then the Rawdisk 1.1 driver, available as ftp.uni-duisburg.de:/pub/pc/misc/rawdsk11.zip, can be used to make the entire encrypted SFS volume appear as a file on a DOS drive which can be backed up using standard DOS backup software. The instructions which come with Rawdisk give details on setting the driver up to allow non-DOS volumes to be backed up as standard DOS drives. The SFS volume will appear as a single enormous file RAWDISK.DAT which entirely fills the DOS volume.

Another possibility for encrypted backups involves using Windows, DesqView, or some other task switcher, in conjunction with a floppy backup program. By switching to another task window and mounting a new SFS volume when the current one has been filled up, and then switching back to the task window in which the backup program is running, the need to re-mount volumes when a disk swap takes place can be hidden from the backup program. The exact sequence of steps for performing a backup to SFS-encrypted floppy disks is as follows:

1. Mount an SFS volume in a floppy drive
2. Using the backup program, fill the volume in the floppy drive
3. Switch to another task window
4. Unmount the SFS volume in the floppy drive
5. Mount a new SFS volume in the floppy drive
6. Switch back to the original task window
7. Go to step 2.

Unfortunately, this method will only work for floppy backups and is really best suited to small amounts of data. Where larger amounts of data are involved and tape backup units are available, the first method for obtaining encrypted backups is preferred.

Footnote [1]: For example, more recent versions of MSDOS and DRDOS come with an "undelete" program which will perform this task.

Footnote [2]: This is not a serious limitation, since it will only affect deliberate changes in the data. Any accidental corruption due to disk errors will result in the drive hardware reporting the whole sector the data is on as being unreadable. If the data is deliberately changed, the sector will be readable without errors, but won't be able to be decrypted.

Eavesdropping

The simplest form of eavesdropping consists of directly overviewing the system on which confidential data is being processed. The easiest defence is to ensure that no direct line-of-sight path exists from devices such as computer monitors and printers to any location from which an eavesdropper can view the equipment in question. Copying of documents and the contents of computer monitors is generally possible at up to around 100 metres (300 feet) with relatively unsophisticated equipment, but is technically possible at greater distances. You should also consider the possibility of monitoring from locations such as office-corridor windows and nearby rooms. This problem is particularly acute in open-plan offices and homes.

The next simplest form of eavesdropping is remote eavesdropping, which does not require access to the building but uses techniques for information collection at a distance.
The techniques used include taking advantage of open windows or other noise conveying ducts such as air conditioning and chimneys, using long-range directional microphones, and using equipment capable of sensing vibrations from surfaces such as windows which are modulated by sound from the room they enclose. By recording the sound of keystrokes when a password or sensitive data is entered, an attacker can later recreate the password or data, given either access to the keyboard itself or enough recorded keystrokes to reconstruct the individual key sound patterns. Similar attacks are possible with some output devices such as impact printers.

Another form of eavesdropping involves the exploitation of existing equipment such as telephones and intercoms for audio monitoring purposes. In general any device which handles audio signals and which can allow speech or other sounds to be transmitted from the place of interest, which can be modified to perform this task, or which can be used as a host to conceal a monitoring device and provide power and possibly microphone and transmission capabilities to it (such as, for example, a radio) can be the target for an attacker. These devices can include closed-circuit television systems (which can allow direct overviewing of confidential information displayed on monitors and printers), office communication systems such as public address systems, telephones, and intercoms (which can either be used directly or modified to transmit sound from the location to be monitored), radios and televisions (which can be easily adapted to act as transmitters and which already contain power supplies, speakers (to act as microphones), and antennae), and general electrical and electronic equipment which can harbour a range of electronic eavesdropping devices and feed them with their own power[1].

Another eavesdropping possibility is the recovery of information from hardcopy and printing equipment.
The simplest form of this consists of searching through discarded printouts and other rubbish for information. Even shredding a document offers only moderate protection against a determined enough attacker, especially if a low-cost shredder which may perform an inadequate job of shredding the paper is employed. The recovery of text from the one-pass ribbon used in high-quality impact printers is relatively simple. Recovery of text from multipass ribbons is also possible, albeit with somewhat more difficulty. The last few pages printed on a laser printer can also be recovered from the drum used to transfer the image onto the paper.

Possibly the ultimate form of eavesdropping currently available, usually referred to as TEMPEST (or occasionally van Eck) monitoring, consists of monitoring the signals generated by all electrically-powered equipment. These signals can be radiated in the same way as standard radio and television transmissions, or conducted along wiring or other metal work. Some of these signals will be related to information being processed by the equipment, and can be easily intercepted (even at a significant distance) and used to reconstruct the information in question. For example, the radiation from a typical VDU can be used to recover data with only a receiver at up to 25m (75 feet), with a TV antenna at up to 40m (120 feet), with an antenna and amplification equipment at up to 80m (240 feet), and at even greater distances with the use of more specialised equipment[2]. Information can also be transmitted back through the power lines used to drive the equipment in question, with transmission distances of up to 100m (300 feet) being possible.

TEMPEST monitoring is usually relatively expensive in terms of the resources required, difficult to mount, and unpredictable in outcome. It is most likely to be carried out where other methods of eavesdropping are impractical and where general security measures are effective in stopping monitoring.
However, once in place, the amount of information available through this form of eavesdropping is immense. In general it allows the almost complete recovery of all data being processed by a certain device such as a monitor or printer, almost undetectably, and over a long period of time[3][4][5].

Protection against TEMPEST monitoring is difficult and expensive, and is best left to computer security experts[6][7]. However, some simple measures are still possible, such as paying attention to the orientation of VDUs (most of the signal radiated from a VDU is towards the sides, with very little being emitted to the front and rear), choosing equipment which already meets standards for low emissions (for example in the US the "quietest" standard for computers and peripherals is known as the FCC Class B standard), using well-shielded cable for all system interconnections (unshielded cable such as ribbon cable acts as an antenna for broadcasting computer signals), using high-quality power line filters which block signals into the high radio frequency range, and other methods generally used to reduce or eliminate EMI (electromagnetic interference) from electronic equipment.

Footnote [1]: For an example of a device which needs no special modifications to allow remote monitoring, the Drake intercom system can be used to listen to any other unit on the system by pressing soft, dir, down (to the desired address), rtn, soft assn, attr, t+fl (the addresses will start to flash, the desired address can now be selected), at which point the selected address will be bugged without the other end being aware of this. The bugging can be turned off again by pressing exit, t+l, selecting the flashing address as before, exit, soft. This capability is built into the system and requires no special modifications. Similar "features" are also present in a number of other intercom and PABX systems.
Footnote [2]: These figures are taken from "Schutzmassnahmen Gegen Kompromittierende Elektromagnetische Emissionen von Bildschirmsichtgeraeten", Erhard Moeller and Lutz Bernstein, Labor fuer Nachrichtentechnik, Fachhochschule Aachen.

Footnote [3]: An example of the kind of equipment used for TEMPEST monitoring is the NSA's F-3 ASCII code receiving antenna. When used with a portable receiver, the F-3 system allows an agent to record data as it is entered from a computer keyboard. The F-3 receiver/recorder is hand held and can detect transmissions at some distance through a 25cm (10 inch) thick concrete wall.

Footnote [4]: A demonstration of this form of eavesdropping was done in the 1988 BBC program "High Tech Spies", in which a van containing detection equipment drove around London reading data off the screens of computers located in law offices and brokerage firms. The results were then shown to executives of the firms.

Footnote [5]: Another demonstration was done by Winn Schwartau on Geraldo Rivera's "Now! It Can Be Told" TV show, broadcast on 30 September 1991.

Footnote [6]: TEMPEST information and shielding measures for protection against TEMPEST monitoring are specified in standards like "Tempest Fundamentals", NSA-82-89, NACSIM 5000, National Security Agency, February 1, 1982, "Tempest Countermeasures for Facilities Within the United States", National COMSEC Instruction, NACSI 5004, January 1984, "Tempest Countermeasures for Facilities Outside the United States", National COMSEC Instruction, NACSI 5005, January 1985, and MIL-STD 285 and 461B. Unfortunately these specifications have been classified by the organisations who are most likely to make use of TEMPEST eavesdropping, and are not available to the public.

Footnote [7]: A computer centre in Moscow had all its windows shielded with reflective aluminium film which was supposed to provide enough protection to stop most forms of TEMPEST eavesdropping.
The technique seems to have worked, because a KGB monitoring van parked outside apparently didn't notice the fact that the equipment had been diverted to the task of printing out Strugatsky's novels.

Trojan Horses

It may be possible for an attacker to replace the SFS software with a copy which seems to be identical but which has major weaknesses in it which make an attack much easier, for example by using only a few characters of the password to encrypt the disk. The least likely target is mksfs, since changing the way this operates would require a similar change to mountsfs and the SFS driver which would be easily detectable by comparing them with an independent, original copy. Since a changed mksfs would require the long-term use of a similarly changed mountsfs and driver, the chances of detection are greatly increased.

A much more subtle attack involves changing mountsfs. By substituting a version which saves your password or encryption key to an unused portion of the disk and then replaces itself with an unmodified, original copy, an attacker can return at their leisure and read the password or key off the disk, leaving you none the wiser that your encryption key has been compromised. The SFS driver may be modified to do this as well, although the task is slightly more difficult than changing mountsfs.

Detecting this type of attack is very difficult, since although it is possible to use security software which detects changes, this itself might be modified to give a false reading. Software which checks the checking software may in turn be modified, and so on ad infinitum. In general someone who is determined enough can plant an undetectable trojan[1], although precautions like using modification-detection programs, keeping physically separate copies of the SFS software, and occasionally checking the installed versions against other, original copies, may help reduce the risk somewhat.
Booting into an encrypted partition, as described in the section "Advanced SFS Driver Options" above, which contains "clean" copies of the SFS software, and comparing the clean driver with the one used to boot into the encrypted partition, reduces the risk further. Finally, the eventual creation of a hardware SFS encryption card will reduce the risk even further, although it would still be possible for an attacker to substitute their own fake encryption card[2].

Another attack possibility is the creation of a program unrelated to SFS which monitors the BIOS character write routines for the printing of the password prompt, or video RAM for the appearance of the prompt, or the BIOS keyboard handler, or any number of other possibilities, and then reads the password as it is typed in[3][4][5][6]. This is a generic attack against all types of encryption software, and doesn't rely on a compromised copy of the software itself. It isn't even necessary for the captured information to be recorded anywhere, since the trojan can transmit it over a network which the computer may be attached to, or simply send it to any convenient (but not necessarily active) output device external to the computer in order to make a TEMPEST attack easier to mount.

The stealth features in SFS are one way of making this kind of monitoring much more difficult (none of the keyboard-monitoring programs mentioned are effective against the SFS software), and are explained in more detail in the section "Security Analysis" below. However the only really failsafe way to defeat this kind of attack is to use custom hardware which performs its task before any user software has time to run, such as the hardware SFS version currently under development.

Footnote [1]: An attacker could employ, for example, what David Farber has described as "supplemental functionality in the keyboard driver".
Footnote [2]: An attack of this kind was carried out in 1989 at Cambridge University, when students dismantled public-access terminals and replaced the firmware with a newer version which captured passwords for later replay. This attack was documented in D. Harriman's article "Password Fishing on Public Terminals" in the January 1990 Computer Fraud and Security Bulletin, p.12.

Footnote [3]: One program which performs the task of capturing keystrokes is Phantom 2.29i, available from wuarchive.wustl.edu in the directory /pub/msdos/keyboard as ptm229i.zip, or from P2 Enterprises, P.O. Box 25, Ben Lomond, California 95005-0025. This program not only allows the recording of all keystrokes but provides timing information down to fractions of a second, allowing for detailed typing pattern analysis by an attacker. There also exists a modified version of Phantom distributed as dos.zip which adds various stealth features to make it harder to detect. Two more keystroke-capturing programs are Encore, also available from wuarchive.wustl.edu in the directory /pub/msdos/keyboard as encore.zip, and KeyCopy, available from ftp.clark.net in the directory /pub/jcase as keycopy.zip. Another keystroke grabber, distributed as depl.zip, runs a target program inside a shell which saves all keystrokes in scrambled form to a hidden file for later retrieval. DEPL can remove itself after use, and is customizable via a simple script file.

Footnote [4]: A program specifically created for this purpose is keytrap, which is distributed as File 26 of Phrack Volume 5, Issue 46 (20 September 1994) and is available from freeside.com in the directory /pub/phrack as phrack46.zip. keytrap is a memory-resident program which logs keystrokes to a hidden data file for later recovery, and comes with source code allowing it to be easily customized for a particular purpose. A slightly improved version is available as keytrap2.zip.
Footnote [5]: A program which watches for a certain event before activating itself is Thief (originally called Getit), written by someone at George Washington High School in Denver, Colorado to capture Novell logon ID's and passwords. The program hooks the DOS int 21h interrupt and waits for EXEC (program execute) calls. It then checks to see if the program being executed is the Novell LOGIN program. If it is, it captures subsequent keystrokes to a hidden file for later perusal. Thief comes with source code and can be modified to check for other programs or perform other monitoring functions if required.

Footnote [6]: PC-Sentry, available in the Compuserve NOVUSER forum as sentry.zip, can secretly monitor and log all computer activity such as files accessed or deleted, command-line activity, programs run, and so on. A network version is also available. Activity Monitor, available in the Compuserve IBMSYS forum as actmon.zip, can monitor all activity under Windows 3.1 or above, and has a stealth mode of operation for unobtrusive use.

Dangers of Encryption

The use of very secure encryption is not without its downsides. Making the data completely inaccessible to anyone but the holder of the correct password can be hazardous if the data being protected consists of essential information such as the business records for a company which are needed in its day-to-day operation. If the holder of the encryption password is killed in an accident (or even just rendered unconscious for a time), the potential complete loss of all business records is a serious concern.

Another problem is the question of who the holder of the password(s) should be.
If the system administrator at a particular site routinely encrypts all the data held there for security purposes, then later access to the entire encrypted dataset is dependent on the administrator, who may forget the password, or die suddenly, or move on to another job and have little incentive to inform their previous employer of the encryption password (for example if they were fired from the previous job). It could even occur that the ex-administrator has forgotten the password used at his previous place of employment and might require a small, five-figure consideration to help jog his memory. The difficulty in prosecuting such a case would be rather high, as proving that the encryption system wasn't really installed in good faith by the well-intentioned administrator to protect the company data and that the password wasn't genuinely forgotten would be well nigh impossible.

    98. INDIAN AFFAIRS: LAWS AND TREATIES. Vol. 1, Laws
    August, eighteen hundred and eighty-nine, between Simon James, Robert James, James F. Freeney, John M. Grady, GM Bond, Fritz Sittel, and RJ Ward, citizens of
    http://digital.library.okstate.edu/kappler/Vol1/HTML_files/SES0373.html
    INDIAN AFFAIRS: LAWS AND TREATIES
    Vol. I, Laws (Compiled to December 1, 1902) Compiled and edited by Charles J. Kappler. Washington : Government Printing Office, 1904.

    Margin Notes Chap. 1252 Choctaw Nation. Ratification of coal mining leases to Choctaw Coal and Railway Company.
    See note to 1898, c. 517, post, p 656. Chap. 1252 Leases Chap. 1252 Conditions. Chap. 1252 Limit of area. Chap. 1252 Period. Chap. 1252 Report of coal mined, royalties, etc. Chap. 1252 Restriction of prices for sales. Chap. 1252 All obligations of lessees to be performed. Chap. 1252 Rights restricted to mining, etc. Sec. 2 Rights of Chickasaw, etc., not impaired. Sec. 3 Violation of conditions to forfeit consent.
    An act giving, upon conditions and limitations therein contained, the assent of the United States to certain leases of rights to mine coal in the Choctaw Nation. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, That the consent of the United States is hereby given, upon the conditions and with the limitations hereinafter set forth, and no farther, to the following-described leases of coal rights, which citizens of the Choctaw Nation have made to the Choctaw Coal and Railway Company, a corporation created by the laws of the State of Minnesota, copies of which leases, eleven in number, have been filed and deposited with the Secretary of the Interior namely:

    99. NDOW Draw Results
    111. Ward, GERALD L, RENO, RES ANTLERED ELK (4151, 4156, 4161), 161E.Ward, Grady E, ELKO, RES ANTLERED ELK (4151, 4156, 4161), 111. Ward
    http://www.huntnevada.com/draw/draw5/2002/50001814.HTM
    Unsuccessful Applicants (Continued)

    Name            City             Hunt Area
    WARD, GARY L    EAGLE            NR NELSON BIGHORN (3251)
    WARD, GAVIN R   CARSON CITY      RES ANTELOPE HORNS LONGER (2151, 2161)
    WARD, GAVIN R   CARSON CITY      RES ANTLERED ELK (4151, 4156, 4161)
    WARD, GAVIN R   CARSON CITY      RES NELSON BIGHORN (3151)
    WARD, GAVIN R   CARSON CITY      RES CALIFORNIA BIGHORN (8151)
    WARD, GAVIN R   CARSON CITY      RES ROCKY MOUNTAIN BIGHORN (9151)
    WARD, GAVIN R   CARSON CITY      RES MOUNTAIN GOAT (7151)
    WARD, GEORGE T  RENO             RES ANTLERED MULE DEER (1131, 1141, 1171)
    WARD, GEORGE T  RENO             RES ANTELOPE HORNS LONGER (2151, 2161)
    WARD, GEORGE T  RENO             RES ANTLERED ELK (4151, 4156, 4161)
    WARD, GERALD L  RENO             RES ANTLERED ELK (4151, 4156, 4161)
    WARD, GRADY E   ELKO             RES ANTLERED ELK (4151, 4156, 4161)
    WARD, JACK C    NORTH LAS VEGAS  RES ANTELOPE HORNS LONGER (2151, 2161)
    WARD, JACK C    NORTH LAS VEGAS  RES ANTLERED ELK (4151, 4156, 4161)
    WARD, JACOB R   VERDI            RES ANTLERED MULE DEER (1131, 1141, 1171)
    WARD, JACOB R   VERDI            RES ANTELOPE HORNS LONGER (2151, 2161)
    WARD, JAMES A   RENO             RES ANTLERED ELK (4151, 4156, 4161)
    WARD, JAMES M   LAS VEGAS        RES ANTLERED ELK (4151, 4156, 4161)

    100. Choosing Passwords
    I owe most of the information in this article to the PASSWORD.FAQ by Grady Ward (Grady@netcom.com). Thanks to him and to all
    http://webs.ono.com/usr005/jsuarez/password.htm
    (April 98) Read at ... http://MundoCripto.come.to
    Generated Aug 2000
