REMINDER: January Meeting tonight: Everything We Know About CyberSecurity is Wrong (Ryan Byrd)
a_d_kirkwood at yahoo.com
Tue Jan 17 13:04:22 MST 2017
If anyone in Salt Lake County wants to carpool, email me.
Sent from Yahoo Mail on Android
On Tue, Jan 17, 2017 at 10:40 AM, Steve Meyers<steve at plug.org> wrote: Date: Tuesday, January 17th
Location: UVU Business Resource Center
The exploits and security breaches which are technically feasible and the ones that actually occur in the wild are two very different things. There are two common, bad assumptions: one, that people choose random passwords and two, that passwords are broken with dumb brute force. Neither of those assumptions are correct. Brute force attacks are never used on passwords of longer than six characters because it takes too long. So instead, hackers use word list attacks that combine list of words gathered from hacked passwords, Wikipedia, the Gutenberg Project and YouTube comments and then combine those words in unique ways (https://hashcat.net/wiki/doku.php?id=oclhashcat has over 5100 rules to do this). This so-called intelligent brute force reduces the candidate key space and makes attacks possible on 55 character or longer passwords.
Ryan is a computer engineer working at the base of the Rocky Mountains. Sometimes he solves hard problems, builds embedded devices, creates web applications and automates processes for good people. Sometimes he just keeps bees. He's very busy and important.
Just go in the front doors, and follow the signs. We're usually in a conference in the back of the main floor.
http://plug.org/uvu has directions and a map
PLUG: http://plug.org, #utah on irc.freenode.net
Don't fear the penguin.
More information about the PLUG