EEJournal

editor's blog
Subscribe Now
August 22, 2013

An Anti-Security Tool for Gray Hats

by Amelia Dalton

We all know that if we want to be able to… well… transgress someone else’s private computer and internet stuffs, there’s a subterranean culture with a dress code involving black hats where, for the right price, you can get all kinds of tools that will open up all kinds of unsavory possibilities. These are the guys our computer security systems are trying to protect us from. They’re the guys your mother warned you about.

If we keep them out of our computers, then we’re ok. Right?

Oh yeah… there’s this NSA thing going around. Scooping up vast quantities of data (the exact amounts of which seem unclear, but all of which estimates seem to qualify as “vast”). Hmmm… and they’re not getting it from our computers, but rather from folks we pay for computer services (or, in some cases, from folks that offer the services for free). We can protect our data on our systems (or so we believe), but once it leaves us and starts traversing the net, we’ve lost control.

OK, not great, but at least we can encrypt our data and password-protect our files. Someone may intercept the transmission, but at least they won’t be able to read the payload, right? Assuming they’re not consorting with the black hats, anyway…

In order for… I’m not sure what to call the NSA types, since they don’t quite seem like white hats. Gray hats perhaps? In order for the gray hats to break into our actual messages, they’d need to figure out the key or some password or something. And that’s hard to crack – intentionally hard, or else it wouldn’t be secure. So we’re OK. Right?

It’s certainly hard to crack passwords and keys, but, given enough computing power, it’s doable. Of course, software takes time to execute, even when using GPUs; something that’s accelerated in hardware would be just the ticket!

And, voilà! Pico Computing has just announced an FPGA-based acceleration system for cracking passwords. Oops! Wait, sorry – “cracking” is an ugly word. “Recovering” is the preferred euphemism. As in, “Bob left the company and didn’t give us his password. How are we going to open his files?” Why, recover the passwords, of course. One obvious corporate use model. How often is that needed? Hard to say. Probably a lot less often than gray hats might want to recover a password, however.

This is where it’s easy to slip into the Land of Evil. Let’s be clear here: I’m not saying Pico Computing or their technology is being evil. (I know, I know: “Technology isn’t evil, People are evil.”) In fact, Pico Computing isn’t really doing the cracking; they’re accelerating tools from a company called Elcomsoft. Elcomsoft focuses specifically on locked documents that require a password to open, so it’s not so much about decrypting encrypted traffic.

Nonetheless, amidst a sea of technology announcements promising security, I think this is the first announcement I’ve seen that gleefully promises to help compromise security. Although they don’t really say it that way, of course… You can see what they do say in Pico Computing’s release.

Leave a Reply

featured blogs
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...
Rapid Prototyping of Analog Circuits with Verilog-A Modeling
Apr 18, 2024
Analog Behavioral Modeling involves creating models that mimic a desired external circuit behavior at a block level rather than simply reproducing individual transistor characteristics. One of the significant benefits of using models is that they reduce the simulation time. V...
More from Cadence...
Leveraging Early Power Network Analysis to Accelerate Chip Design
Apr 16, 2024
Learn what IR Drop is, explore the chip design tools and techniques involved in power network analysis, and see how it accelerates the IC design flow.The post Leveraging Early Power Network Analysis to Accelerate Chip Design appeared first on Chip Design....
More from Synopsys...

featured video

MaxLinear Integrates Analog & Digital Design in One Chip with Cadence 3D Solvers

Sponsored by Cadence Design Systems

MaxLinear has the unique capability of integrating analog and digital design on the same chip. Because of this, the team developed some interesting technology in the communication space. In the optical infrastructure domain, they created the first fully integrated 5nm CMOS PAM4 DSP. All their products solve critical communication and high-frequency analysis challenges.

Learn more about how MaxLinear is using Cadence’s Clarity 3D Solver and EMX Planar 3D Solver in their design process.

featured chalk talk

IoT Data Analysis at the Edge
Sponsored by Mouser Electronics and STMicroelectronics
No longer is machine learning a niche application for electronic engineering. Machine learning is leading a transformative revolution in a variety of electronic designs but implementing machine learning can be a tricky task to complete. In this episode of Chalk Talk, Amelia Dalton and Louis Gobin from STMicroelectronics investigate how STMicroelectronics is helping embedded developers design edge AI solutions. They take a closer look at the benefits of STMicroelectronics NanoEdge-AI® Studio and  STM32Cube.AI and how you can take advantage of them in your next design. 
Click here for more information and to download the Intelligence at the Edge eBook
Jun 28, 2023
33,824 views