>Note that 255 isn't the only blank space character in the ASCII chart.
>There's three or four of them. I routinely ignored 255 as that was the
>one most people used, hence was easily "crackable" if somebody figured
>out that's what's you had done. 11 characters of ASCII 255's can be done
>real-time by a human in a minute or two. Now, combinations of all four
>blanks in all 11 filename characters... that was more time than I had
>unless I knew the combination. Much safer than an ATM PIN number (using
>NDD to work it out is akin to holding a gun to the head of the guy with
>the plastic card and demanding the PIN number ;)
Too easy to crack, because it can be done in one try.
No need for NDD. A simple program using findfirst("*.*") and findnext()
could get the filename, and then print out the numerical values for the 11
characters. Or you could do
DIR > listing
DEBUG listing
-d
Even dir would write out those special characters. You couldn't see the
difference because they was all blank, but debug would do the trick.
Changing the ega/vga font would also reveal such tricks instantly. Simply
edit the codepage file with a binary editor and change long sequences of
zeroes (blank characters) to something else. Oh, this is about as
advanced as using NDD, but DIR+DEBUG could be used by anybody.
Helge Hafting
-- ----------------------------------------------------------- helge.hafting@daldata.no -----------------------------------------------------------
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/