Penetration Testing mailing list archives
Re: [PEN-TEST] Psydo-encyrption?
From: "Ng, Kenneth (US)" <kenng () KPMG COM>
Date: Wed, 3 Jan 2001 20:51:30 -0500
Reminds me of a place that I was once at that had the alarm disable code written in Chinese underneath of the alarm console. Classic security by obscurity. But I've got one better. I know of a place that used to put the passwords in a *MS WORD* document with a read password on a *NETWORK* *DRIVE*. When I showed them three ways to get the passwords they started to get worried. -----Original Message----- From: Iselin, William [mailto:William_Iselin () NAI COM] Sent: Wednesday, January 03, 2001 2:14 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Psydo-encyrption? I have a friend here who can read Chinese and actually prefers Big5. That is not encryption, but translation. If they are using this method they must not be serious about security. There are encryption products that are available for download off the internet at no charge. -----Original Message----- From: Parth Galen [mailto:parth_galen () lycos com] Sent: Wednesday, January 03, 2001 11:05 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Psydo-encyrption? I have a client who appears to be encrypting files (.rft docs) by changing the default language to Chinese (Big5). My question is, having such a file, how do you get it back into English? I would like to demonstrate that they need REAL encryption rather than (what I believe to be) a trick. --- Two wrongs do not make a right, but three lefts do! Get FREE Email/Voicemail with 15MB at Lycos Communications at http://comm.lycos.com ***************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. *****************************************************************************
Current thread:
- [PEN-TEST] Psydo-encyrption? Parth Galen (Jan 03)
- Re: [PEN-TEST] Psydo-encyrption? Bennett Todd (Jan 03)
- <Possible follow-ups>
- Re: [PEN-TEST] Psydo-encyrption? Iselin, William (Jan 03)
- Re: [PEN-TEST] Psydo-encyrption? Ng, Kenneth (US) (Jan 03)