Path: utzoo!utgpu!watmath!clyde!att!rutgers!ukma!uflorida!novavax!proxftl!twwells!bill From: bill@twwells.uucp (T. William Wells) Newsgroups: comp.unix.wizards Subject: Re: Worm/Passwords Message-ID: <231@twwells.uucp> Date: 1 Dec 88 05:45:49 GMT References: <22401@cornell.UUCP> <4627@rayssd.ray.com> <251@ispi.UUCP> <205@twwells.uucp> <8981@smoke.BRL.MIL> <220@twwells.uucp> <8998@smoke.BRL.MIL> Reply-To: bill@twwells.UUCP (T. William Wells) Organization: None, Ft. Lauderdale Lines: 24 In article <8998@smoke.BRL.MIL> gwyn@brl.arpa (Doug Gwyn (VLD/VMB)) writes: : In article <220@twwells.uucp> bill@twwells.UUCP (T. William Wells) writes: : > ... lassword ... : : Oh, but I can't let you have the lassword! But I haven't cried `youncall' yet! :-) : I didn't mean to imply that this approach wasn't viable, but I : couldn't resist the experiment and thought (since the posted travesty : program wasn't runnable on anything except MS-DOS) that an illustration : of what "travesty" produces might be informative to many readers. I didn't think you were; I was just addressing a valid objection raised elsewhere about password generators. The travesty program has the benefit of augmenting its random generator with additional data that the crasher has to get to before he can crack the password. This eliminates the problem with a crasher simply running a generator program through all its possible states. --- Bill {uunet|novavax}!proxftl!twwells!bill