What’s special about EINPB? Let’s have a quick jog through some of its features. Our new tool instantly reveals cached passwords to Web sites in Microsoft Internet Explorer, mailbox & identity passwords in lots of Microsoft versions. It as well supports the new security model employed by Microsoft Internet Explorer 7 and 8.

Think it can be of any interest for you, please visit our site http://www.elcomsoft.com & learn more about EINPB at http://einpb.elcomsoft.com.

iOS 4 comes packed with a lot of nice features (long-awaited multitasking, background location services, iBooks and much improved Mail app  just to name a few) and we are very pleased to announce today the release of the new version of Elcomsoft iPhone Password Breaker with support for iTunes 9.2 and iOS 4.

Elcomsoft iPhone Password Breaker (or EPPB for short) is a utility to recover passwords for encrypted and password-protected iPhone/iPod/iPad backups created with iTunes (please note that it’s not meant to recover or remove passcode lock on the device).

With iOS 4 Apple has completely changed the way backups are encrypted and stored. Backup and restore processes are way much faster now. Apple have also improved protection against password recovery attacks, thus making our job harder (password recovery is about 5x slower for new backups than for older ones).

We at Elcomsoft try our best to keep up with the times, so most of our tools & programs are adjusted to the latest technologically advanced features. The EPPB is not an exception, new version of EPPB fully supports both old and new backup formats. It also supports hardware acceleration using NVIDIA and ATI GPUs and Tableau TACC1441.

As our previous survey went like a breeze (you will find the report in our archives), it is a logical next step that we decide to try one more time. From the very first survey we gained curious info, which was also interesting to publicity. Naturally questions about password protection are numerous and some of them remain dark, possibly a little too much so, that is why we are tempted to undertake one more “investigation”.

This time we expanded on questions and made some of them hypothetical, where you are put into a situation to find a way out. It is interesting to trace your way of thinking on both hypothetical and actual matters, so other questions are suggested to understand your attitude to real everyday situations you have to deal with.

As usually, survey completion will be finalized by a report.

We tried not to inundate our questionnaire with baffling questions, but if you still consider it time-consuming, you are welcome to answer one absurdly simple question on home page of ElcomSoft website.

C’mon you are within an ace of getting 10% discount for all our software; just find a little will-power to put a couple of ticks. Again, thank you for taking time from your busy day and completing our questionnaire.  And feel free to channel this survey to your friends and colleagues.

Best of luck!

However, there is no order that users have to change their Wi-Fi passwords regularly, the only requirement being to set up a password on the initial stage of wireless access installation and configuration.

I’ve conducted a mini-research here in Russia. There are 5 wireless networks in range that my computer finds when at home. Although all of the networks have rather bizarre names, they are all WPA- or WPA2-protected. My guess is that people do not install wireless access at home by themselves or browse the Internet for instructions and find some on protection and passwords. At the same time, I often come across unprotected networks in Moscow and I do use them to check my Twitter account. It is obvious that to make any conclusions, one has to dive into this topic much more deeply.

What I learnt working for ElcomSoft – the company that recovers passwords and does it very well – is the following: sometimes a password is not enough. You need a good password to make sure your data is protected. WPA requires using passwords that are at least 8 characters long. Such length guarantees quite good protection. The problem as usual is the human factor. We still use admin123 and the like to protect our networks.

Fortunately, there are tools that can help you check how strong your WPA/WPA2-password is. One of such tools is Wireless Security Auditor. It makes use of various hardware for password recovery acceleration and a set of customizable dictionary attacks. The idea is simple: if this monster does not find your WPA/WPA2-password, then it is secure 

Nice weekend to all.

Developing software for ATI cards is (okay — was) a nightmare. In 2009 ATI quietly introduced two changes in their drivers which made previously perfectly functional and compatible applications to crash (if you are curious: with Catalyst 9.2 or 9.3 they’ve changed names of supporting DLLs bundled with drivers; with Catalyst 9.9 or 9.10 they’ve probably changed format of underlying binary so that anything compiled and linked in with earlier versions caused a driver to crash).

Well, with the release of Catalyst 10.4 drivers ATI is again at it. This time problem only affects users who have display adapters from different vendors in their computer. Applications utilizing ATI Stream will work on such configurations just fine with Catalyst 10.3, but once you upgrade to 10.4, applications will crash with faulting module being aticaldd.dll, a part of ATI Display driver. Kinda embarrassing, I would say. Regression testing is really something one with millions of users should consider.

Users of our software relying on ATI hardware accelerations (as well as any other ATI Stream enabled applications) should not update to 10.4 if ATI Readeon is not the only card in their computer.

The last, but not the least, we have found that EPPB can handle encrypted backups from Apple's newest tablet, iPad (thanks to Apple for using the same underlying technologies for iPhone, iPod Touch and iPad).

P.S. If anyone's interested, we think that iPad is really cool gadget. It's not a substitute for a laptop, but it's great for catching on emails, surfing web, watching photos or videos or movies and for reading books. And multitouch on 10'' screen is awesome .

P.P.S. Yes, this blog post was originally created on iPad.

It was the third time we participated in Infosecurity Europe. The whole affair was in jeopardy due to volcanic ash paralyzing all major European airports but we did it. And everything went smoothly as planned.

We presented several latest developments at Infosecurity. First, two of our products, Elcomsoft Wireless Security Auditor and Elcomsoft iPhone Password Breaker, now support Tableau TACC1441.  These hardware accelerators are widely used in digital forensics to recover passwords and gather evidence from encrypted files. They consume considerably less power than GPUs and can be easily plugged and unplugged.

Second, the sales of Elcomsoft iPhone Password Breaker have started. The product is already quite popular and now it is finally out of beta. We expect it to gain even more popularity as it now supports Tableau as well as NVIDIA CUDA and ATI Stream acceleration technologies.

Quite often people ask us why we go to exhibitions and what benefits we see in such events. I’m not going to put any marketing or brand-awareness considerations into this post, although the visibility at major events is always a grand factor. For us as a company, the most important thing is that we can meet our customers in person at such global events as Infosecurity Europe. We get feedback from our customers by e-mail but personal feedback is a thing one could not underestimate.

 I would like to thank everyone who visited ElcomSoft’s stand at Infosecurity for your tips, ideas and feedback on our products. You could also send your suggestions to info at elcomsoft dot com. Tell us what we should improve or what features add.

And see you next year in London at the 16th Infosecurity Europe.

The pics will follow soon.

The city gave us a warm and sunny welcome, regarding its weather, so since the arrival we were filled with positive energy & cheerful mood. We were not only exhibiting, but delivering a presentation as well (however it had been cut in time because of the previous speaker). The exhibition/conference took part in the Military Museum of Istanbul, highly-protected military zone, so that to enter the exhibition area one should have all his belongings scanned. But it wasn’t that annoying, we respected local rules & policies (obedient guys).

Now, a few words about the conference itself. We arrived in Istanbul the day before the event in order to have time to see the city a bit and to organize our booth, want to notice that we were one of the first exhibitors to have our stand constructed in time, can’t resist praising ourselves in this respect .

The first day of the exhibition was busy: hundreds of visitors, most of them were really interested and were in the topic of the show, which was actually a surprising fact for us. The rest two days were not that lively, to say the least of it, only the most forensics-obsessed people sacrificed their weekend to visit the exhibition, hope, it came up to their expectations .

On the whole, it was worthwhile experiments for us, next year we think of having another go at it. Want to thank everybody who visited our booth & took interest in our software.

Below there are some photo materials from the show…

Me at the booth…

Guys saying "cheese " at the camera

Have add this pic at multiple requests…

Just a beautiful view of the city

From developer's point of view NVIDIA has always been superior. Ease of use, quality of SDK and drivers, thorough documentation. Apparently, they have invested a lot in developing, promoting and supporting CUDA.

Developing software for ATI cards is (okay — was) a nightmare. In 2009 ATI quietly introduced two changes in their drivers which made previously perfectly functional and compatible applications to crash (if you are curious: with Catalyst 9.2 or 9.3 they've changed names of supporting DLLs bundled with drivers; with Catalyst 9.9 or 9.10 they've probably changed format of underlying binary so that anything compiled and linked in with earlier versions caused a driver to crash). And there was almost no documentation with 1.x ATI SDKs.

But when it comes to pure mathematical performance (that is, not counting memory transactions) ATI cards are faster than NVIDIA counterparts, usually by far. Sometimes by very far. That's why we've been supporting them for more than a year already.

Next week we're going to update two of our applications — Elcomsoft Wireless Security Auditor and Elcomsoft iPhone Password Breaker. Among other things, they will support the use of both NVIDIA and ATI cards at the same time. Although I don't think this is a very common scenario, we've had some questions regarding possibility of such configurations.

Well, the answer is — it works! To verify this we've put GeForce GTX 295 and Radeon HD5970 into the same PC and tried to make this configuration work. This is how it looks before connecting power cables:

And this is how it looks after:

With Windows 7, there were no problems installing drivers for both cards, everything went smooth. We have used Catalyst 10.2 and Forceware 196.75 (it has been removed from website due to problems with fan control; I believe 196.21 will also work just fine).

If you will try to do this yourself, beware of one catch. After you have installed drivers you will see both ATI and NVIDIA cards in Windows Device Manager, but EWSA or EPPB will show only cards from one vendor. To overcome this you'll need to connect monitors to both cards and extend your Windows Desktop onto both of them. If you'll do this, our programs will be able to recognize all cards and you end up with something like this:

In fact, you can use both cards even with Windows XP! This is, however, not so smooth as with Windows 7. Performance for ATI cards is worse in XP, too. The funny thing is that XP seems to be unable to boot with two display drivers installed, so you have to uninstall one driver first, reboot, and then install it again (do not reboot!). Connect second monitor, and our programs will recognize cards from both vendors. If you will try to reboot, you will end up with BSoD and will need to boot in Safe Mode, uninstall one of drivers, and start over. Here's screenshot of EWSA running under XP x64:

EDIT: Some discussion on performance and architecture of next-generation GPUs have been removed in accordance with NVIDIA request.