[free-sklyarov] uh-oh, here are more candidates to be put in jail

Alex Katalov akatalov at elcomsoft.com
Fri Aug 3 21:36:00 PDT 2001


Dear Alexander,

RC4 is used in many commercial software products like MS Word, Excel,
Adobe PDF.

I'm surprising why nobody mention our speech on February 2001
Win2K Security Conference, which covers weakness in MS Office, MS
Outlook, WinZip, Acrobat PDF and other application. Full text of this
presentation may be found here:

http://www.blackhat.com/presentations/win-usa-01/Malyshev/BHWin01AMalyshev.ppt

Btw - Microsoft knows about our researches and even mentioned them on
their own website (Microsoft TechNet - this is something like a FAQ
for tech support staff and advanced users):

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/auas0301.asp
-------
Ask Us About... Security, March 2001

Q: I'm creating a document using Microsoft Word that may potentially
contain sensitive information. I note that Word has a password
protection feature (under Tools/Protect Document). How strong is the
security surrounding this feature?   

A: I get a lot of mail asking about the strength of passwords for
Office documents. As was demonstrated in an analysis of the Microsoft
Office password protection system presented by *ElcomSoft* at Black Hat,
the password-protection features of these programs were not designed
to be invincible. 
-------


Friday, August 03, 2001, 8:57:28 PM, you wrote:

AM> So when is FBI knocking on their door?

AM> http://www.newscientist.com/news/news.jsp?id=ns99991114

AM> Flaw found in common encryption program 
  
AM> A weakness has been discovered in a common system used 
AM> to protect computer communications from eavesdroppers.

AM> The problem was found with the implementation of RC4, 
AM> a program developed in 1987 which is frequently used 
AM> to encode electronic messages into apparently 
AM> meaningless data.




-- 
Best regards,
 Alex                            mailto:akatalov at elcomsoft.com





More information about the Free-sklyarov mailing list