Elcomsoft is quite a well known firm when it comes to password ‘recovery’, I have used their products in the past when I was in a fix and I needed a password that had been, you know…lost.
They rose to fame in 2001 after cracking Adobe’s eBook format.
Recently they announced a fairly serious backdoor in Quicken product for accounting.
A Russian firm that provides password-recovery services says it has found a backdoor in the encryption mechanism that Quicken uses to secure password-protected files, a feature that makes millions of users of the personal finance program more vulnerable to government spooks or other highly determined snoops.
Elcomsoft, which made waves in 2001 after it circulated software that circumvented digital rights management protections in Adobe’s eBooks, said the latest version of its Advanced Intuit Password Recovery product allows users to remove password protection from Quicken files.
It’s a pretty serious case seen as though a lot of small and medium enterprises hold all of their accounting and payroll data in Quicken databases. It could lead to some serious theft, if Elcomsoft can work out the backdoor I’m sure the bad guys can too.
According to a statement issued by Elcomsoft, Intuit since 2003 has secured password-protected Quicken files using “strong encryption” that for practical purposes makes brute-force attacks impossible. But Elcomsoft said the strong encryption is accompanied by a backdoor that lets Intuit unlock encrypted files using a 512-bit RSA key that until recently was known only to Intuit. The key enabled Intuit to deliver retrieval service for customers who could no longer remember their password.
“It is very unlikely that a casual hacker could have broken into Quicken’s password protection regimen,” Vladimir Katalov, Elcomsoft’s CEO, said in a statement. “Elcomsoft, a respected leader in the crypto community, needed to use its advanced decryption technology to uncover Intuit’s undocumented and well-hidden back door, and to successfully perform a factorization of their 512-bit RSA key.”
The skeptics would indeed say the escrow or backdoor is there to allow Quicken to make more money from password recovery, the conspiracy theorists would say it’s there for FBI/CIA/Homeland access to people’s account.
I’m undecided personally.
Source: The Reg
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- Graphics Cards – The Next Big Thing for Password Cracking?
- A Collection of Web Backdoors & Shells – cmdasp cmdjsp jsp-reverse php-backdoor
- Google DID NOT Leak 5 Million E-mail Account Passwords
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,137,908 views
- Hack Tools/Exploits - 581,802 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 414,486 views