Re: New article on SecurityFocus: John the Ripper creator interview

From: Justin Ferguson (jnferguson@gmail.com)
Date: Tue Mar 14 2006 - 04:12:42 EST


It greatly disapoints me to see Solar mainly remembered for this
program instead of all the breakthroughs and innovations he has
accomplished. While it is nice to honor him with an article about
john, let us not be unmindful that he pioneered the heap overflow as
many of us know it (or rather the unlink() technique, but he opened
pandora's box), or the non-exec stack patches, or openwall linux, or
all of his hard work on pam modules and so on.

It would have been nice to see some of that mentioned in his interview
somewhere, people tend to forget that john the ripper was just a small
piece of this mans work.

On 2/22/06, Erin Carroll <amoeba@amoebazone.com> wrote:
> John the Ripper 1.7, by Solar Designer
> interview by Federico Biancuzzi
> 2006-02-22
>
> Federico Biancuzzi interviews Solar Designer, creator of the popular John
> the Ripper password cracker. Solar Designer discusses what's new in version
> 1.7, the advantages of popular cryptographic hashes, the relative speed at
> which many passwords can now be cracked, and how one can choose strong
> passphrases (forget passwords) that are harder to break.
>
> http://www.securityfocus.com/columnists/388
>
> --
> Erin Carroll
> Moderator
> SecurityFocus pen-test list
> "Do Not Taunt Happy-Fun Ball"
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.375 / Virus Database: 268.0.0/267 - Release Date: 2/22/2006
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:40 EDT