[Full-disclosure] Salted passwords

[T Biehn]

Soliciting random suggestions.
Lets say I have data to one-way-hash.
The set has 9,999,999,999 members.
It's relatively easy to brute force this, or create precomp tables.
So you add a salt to each.
Still easy to brute force.
If you were to create it in such a way that the hash could exist
anywhere in the set member, does this increase the cost of computation
enough?

That is, consider a member 'abcdefg' with salt 329938255.
When authenticating against the server, it must permute over all
possible combinations of the salt and the set member in order to
determine the validity of the password.

If anyone has a better approach, or would like to approach me off
list, or knows of a list more suited to these queries please feel free
to redirect me :)

-Travis

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] AntiSec Owns Microsoft

[sunjester]

W0w, m4n much resp3ct 1 wi5h 1 c0uld 0wn microsh4f8 t00!! d4mn j00 l33t
antifags so l33t. so l33t. 1 w4nnbe ju5t lik3s y0u

-- 
Founder/Activist
http://fusecurity.com/ | "Free Security Technology"
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] BART

[comex]

On Fri, Aug 7, 2009 at 5:59 PM, Jacob Appelbaum wrote:
> -BEGIN PGP SIGNATURE-
>
> iD8DBQFKfKNeuIQakZ0PrOQRCMW/AJ98g2YmO6wp5Ht33//80PeGi4qq5ACeNwRE
> amuQfRBoYzXVUHUju8Ki8QM=
> =25gP
> -END PGP SIGNATURE-

gpg: Signature made Fri 07 Aug 2009 05:57:50 PM EDT using DSA key ID 9D0FACE4
gpg: BAD signature from "Jacob Appelbaum "

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] AntiSec PHHEER #2

[antisec]

Since, heck, we have so many lovely fans :))) We feel as if we 
(me) shud insult the wh...@arab movement (ching chang unholy mother 
fuckers) with another blatant remark about their anti-anti-
homosexual behaviours.

According to the provisions of the Law no. 105/1992 regarding the 
regulations of the international private law, a person’s civil 
status, capacity and family relationships are subject to the 
national law.

The national law is the law of the state whose citizen the 
individual is; it regulates the status of the Romanian citizens, 
irrespective of whether their residence place is within the county 
borders or abroad.

The civil status documents give proof of a person’s birth, marriage 
or death; they are registered in the best interests of both the 
state and the individual and envisage the protection of the 
fundamental rights and freedoms.

In Romania the Law 119/1996 and the application methodological 
norms regulate the civil status regime.

Marriage Certificate - Registration and Issuance

The diplomatic missions and consular sections of Romania have the 
legal capacity to register marriage both between Romanian citizens 
and between a Romanian citizen and a foreign citizen, unless the 
state law of the latter opposes.

A. Marriage between Romanian Citizens

To officially register marriage in the embassy or consulate, 
Romanian citizens must comply with the following requirements:

* The male must be 18 and the woman 16 years old
* Neither of the spouses should be currently engaged in a 
conjugal relationship
* To provide valid identity proof (passports).

Required Papers

   1. Declaration of matrimony signed by both spouses;
   2. Romanian passports or any other Romanian valid identity proof;
   3. Birth certificates in the original;
   4. A signed declaration in personal script of each of the 
spouses, to state the current status of potential previous 
marriages, and if this be the case:
  - a copy of the divorce or marriage dissolution decision;
  - death certificate of the late spouse;
  - certificate of previous marriage with specific mention of 
dissolution;
   5. Health certificate regarding the health condition of the two 
spouses with specific mention of their being clinically fit to 
contract marriage. The certificate is valid for 14 days from the 
issue date.

NOTE
The marriage certificate will be officially delivered within 10 
days from the date when the request and the other documents have 
been handed in.
Documents in foreign languages must be provided with the 
appropriate certified translation into Romanian.

B. Marriage between a Romanian Citizen and a Foreign Citizen

To perform marriage in the Romanian embassy or consulate the 
parties must comply with the following requirements:

* The male must be 18 and the woman 16 years old
* Neither of the spouses should be currently engaged in a 
conjugal relationship
* To provide valid identity proof (passports)
* The law to which the foreign citizen is subject must not find 
hindrance to the marriage.

Romanian citizen must provide the following documents:

a. Declaration of matrimony signed by both spouses at the embassy 
or consulate;

b. The Romanian valid passport or any other Romanian valid identity 
proof;

c. Birth certificate in the original;

d. A signed declaration in personal script of the spouse at the 
embassy or consulate, to state the current status of potential 
previous marriages, and if this be the case: 
- a copy of the divorce or marriage dissolution certificate;
- death certificate of the late spouse;
- certificate of previous marriage with specific mention of 
dissolution.

   5. Health certificate regarding the health condition of the 
spouse with specific mention of his/her being clinically fit to 
contract marriage. The certificate is valid for 14 days from the 
issue date.

Foreign citizens must provide the following documents:

a. Declaration of matrimony signed at the embassy;

a. A valid identity proof;

b. Birth certificate in the original;

c. A bachelor certificate issued by either the competent 
authorities or the diplomatic mission or consular office of the 
state to which the applicant is subject;

   4. A customary law certificate regarding the conditions of form 
and substance of the marriage contract according to the law state 
involved. Either the competent state authorities or the diplomatic 
mission or consular office may issue the certificate. 

NOTE
The marriage certificate will be officially delivered within 10 
days from the date when the application and the other appendages 
are handed in.
Documents in foreign languages must be provided with the 
appropriate certified translation into Romanian

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] AntiSec Welcomes Milton!

[antisec]

For all you fans of AntiSec, our new member Milton has provided a 
splendid form for application. Send all (modified) applications to 
our hushmail asap!

PS. Aitel rips monkey butt holes.

- Forwarded message from milt...@hushmail.com -
Hi,

I know my request has 99.999% risks not to be accepted but i want
to chat with some members of antisec (silc seems a good way ?  /0\)
My aim is only to chat, have fun, i'm an individual and not
affiliated with any movement, company, service (hard to beleive,
but if i was would i say that ? yes probably/ so it's stupid.. :D)
Anyway i'd have real pleasure to laugh and chat with peoples
interested in security, and this movement i think is really smart
(honestly).
I'm desapointed beacause i'm interested in security and never
thought about the consequences of fd, and the born of antisec.

Please contact me by mail indicating the way to chat with you (irc
chan/silc) if possible.

Keep on going like that !


Thanks in advance to answer, probably to tell no, but hopefully to
say well, comeon'in
If you're not able to invite me to chat, feel free to give me the
path for a young padawan (url/links/chat) to have real good info
(especially on Summer of Hax or good security teams).



Sincerely yours
Milton

(you probably receive same mail from hotmail, i'll use this
o...@hushmail better)

PS: Jessica Simpsons is hawt or Jessica Biel hawter or definitively
Jessica Alba ?
Feel free to answer :D

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] AntiSec PHHEER #1 (anti...@hushmail.com)

[Gichuki John Chuksjonia]

i thought the same thing. This guy shud get a life!!!

On 8/9/09, Zloss  wrote:
> So what the heck are you doing dumbass ?
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] AntiSec PHHEER #1 (anti...@hushmail.com)

[Zloss]

So what the heck are you doing dumbass ?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/