ElcomSoft: Difference between revisions

ElcomSoft Co.Ltd.
Company type	Private
Industry	Software
Founded	1990
Headquarters	Moscow, Russia
Website	www.ElcomSoft.com

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 13:24, 24 April 2012

ElcomSoft is a Russian software company specializing in computer security and data recovery applications. Popular products include their eBook processing and password recovery software supporting many of Microsoft's products. ElcomSoft is also a co-founder of the Independent Software Developers Forum (ISDEF).

ElcomSoft has filed several patents in the USA. One of them is for the company's proprietary technology Thunder Tables.

Thunder Tables

Thunder Tables(R) is ElcomSoft's patented technology which ensures guaranteed recovery of Microsoft Word and Microsoft Excel documents protected with 40-bit encryption in just seconds instead of hours or days. The technology allows opening corresponding files using special pre-computed hash tables. These tables take around ~ 4GB, and fit easily onto a single DVD or USB flash drive. The technology is used in Advanced Office Password Breaker^[1] and Advanced PDF Password Recovery^[2].

The DMCA case

On July 16, 2001, Dmitry Sklyarov, a Russian citizen employed by ElcomSoft who was at the time visiting the United States for DEF CON, was arrested and jailed for allegedly violating the United States DMCA law by writing ElcomSoft's Advanced eBook Processor software. A landmark court case ensued, setting precedents and attracting much public attention and protest. On December 17, 2002, ElcomSoft was found not guilty of all four charges under the DMCA. Bruce Chizen, CEO of Adobe Systems, had this to say to CNET:^[3]

Looking back with 20/20, I wish that we could have had better communication with ElcomSoft, Dmitry Sklyarov and the EFF (Electronic Frontier Foundation) before the whole thing went public. I'm sorry that we weren't able to do that, because I think we could have resolved a lot of the issues.

Wireless Security Auditor

Elcomsoft's Wireless Security Auditor (EWSA)^[4] is a program which takes WPA/WPA2 Hash Codes and, using brute force methods, tries to guess the password associated with a wireless network. The brute force attack is carried out by testing passwords with a known SSID of a network of which the WPA/WPA2 Hash Code has been captured. The passwords that are tested are generated from a dictionary using various mutation (genetic algorithm) methods, including case mutation (password, PASSWORD, PassWOrD, etc.), year mutation (password, password1992, password67, etc.), and many other mutations to try to guess the correct password.

The advantage of using EWSA over traditional methods, such as rainbow tables^[5], are numerous. Rainbow tables, being very large in size because of the amount of SSID/Password combinations saved, take a long time to traverse, cannot have large numbers of passwords per SSID, and are reliant on the SSID being a common one which the rainbow table has already listed hash codes for (Common ones include linksys, belkin54g, etc.). EWSA, however, uses a relatively small dictionary file (a few megabytes versus dozens of gigabytes for common rainbow tables) and creates the passwords on the fly as needed. Rainbow tables are tested against a captured WPA/WPA2 Hash Code via a computer's processor with relatively low numbers of simultaneous processes possible. EWSA, however, can use a computer's processor(s), with up to 32 logical cores, up to 8 GPUs, all with many CUDA cores(NVIDIA) or Stream Processors(ATI). This makes EWSA much faster than traditional techniques, advertising the ability to test over 100,000 passwords per second on a modern, high end computer that many consumers and businesses can afford.

While the software itself is fairly expensive (Rainbow tables are typically open source and free while EWSA Standard is $399 and EWSA Professional is $1,199), for businesses using this technology for penetration testing, the time saved can be tremendous and money saved on additional hardware can also outweigh the cost of the software.

Canon cameras

On November 30, 2010, Elcomsoft announced that the encryption system used by Canon cameras to ensure that pictures and EXIF metadata have not been altered was flawed and cannot be fixed.^[6]^[7] On that same day, Dmitry Sklyarov gave a presentation at the Confidence 2.0 conference in Prague demonstrating the flaws.^[8] Among others, he showed an image of an astronaut planting a flag of the Soviet Union on the moon; all the images pass Canon's authenticity verification.^[9]

References

External links

This Russian corporation or company article is a stub. You can help Wikipedia by expanding it.

[1] ttp://www.elcomsoft.com/aopb.html

[2] ttp://www.elcomsoft.com/aopb.html

[3] ELCOMSOFT: Advanced eBook Processing Software

[4] ttp://elcomsoft.com/ewsa.html

[5] ttp://wirelessdefence.org/Contents/coWPAttyMain.htm

[6] ttp://elcomsoft.com/news/428.html

[7] ttp://www.pcworld.com/businesscenter/article/211965/analyst_finds_flaws_in_canon_image_verification_system.html

[8] ttp://201002.confidence.org.pl/prelegenci/dmitry-sklyarov

[9] ttp://www.elcomsoft.com/canon.html

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

@@ Line 11: / Line 11: @@
 ElcomSoft has filed several patents in the USA. One of them is for the company's proprietary technology Thunder Tables.
+==Thunder Tables==
+Thunder Tables(R) is ElcomSoft's patented technology which ensures guaranteed recovery of Microsoft Word and Microsoft Excel documents protected with 40-bit encryption in just seconds instead of hours or days. The technology allows opening corresponding files using special pre-computed hash tables. These tables take around ~ 4GB, and fit easily onto a single DVD or USB flash drive. The technology is used in Advanced Office Password Breaker<ref>http://www.elcomsoft.com/aopb.html</ref> and Advanced PDF Password Recovery<ref>http://www.elcomsoft.com/aopb.html</ref>.
 ==The DMCA case==