Re: How the password could be recover using FTP Explorer'sregistry!

[mikael.olsson () ENTERNET SE (Mikael Olsson)]

"Mark D. Miller" wrote:
> Actually, this is not an example of insecurity on a user friendly platform.

I beg to differ.

> The Voice Print Password is an alternate password method.  The primary is
> the password you type in.  When the voice print password is used, it uses
> the typed password to decrypt the keychain.

... and where does the typed password get stored, may I ask? Is it encrypted
somehow? In that case, how? Because the voice print certainly cannot be used
to decrypt it, as it varies too much every time you pronounce it. Encryption
is kind of funny that way, even if just one single bit is wrong, you won't be
able to decode the secret :-P

> Since everyone's voice is unique, there shouldn't be any worry as to security.

Ehm. Right.

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson () enternet se