Binarycse

Losing Laptop means loosing all your passwords

If your Windows laptop is stolen, be warned: new research shows how a thief can gain access to the passwords used by your Amazon.com, Google, Yahoo, Facebook, and other Web accounts.

The passwords for accounts in the cloud are supposed to be protected by Windows' built-in encryption. But a team of security researchers demonstrated at the Black Hat security conference here how last week to bypass the operating system's security.
A thief--or someone unconcerned with the finer points of federal hacking laws--can take advantage of the vulnerability to discover the passwords stored by Web browsers and other programs like instant messaging clients. So can police using electronic forensics to analyze a computer seized during a criminal investigation or without a warrant at a national border.
"It's not just your data on the computer, but everything you have in the cloud, including your Facebook account, your Gmail account, and so on," Elie Bursztein, a postdoctoral researcher at Stanford University who also analyzed Microsoft's geolocation database, told CNET. Ivan Fontarensky, Matthieu Martin, and Jean Michel Picod collaborated with him on the research.
The team has released a open-source utility to perform this decryption, which they call OWADE, for Offline Windows Analyzer and Data Extractor. It runs on Ubuntu, a Debian-derived Linux distribution, and is designed to decrypt information stored by the four major Web browsers and instant messaging clients under Windows XP.
Here's how it works: Windows offers a built-in encryption feature called DPAPI, part of the Crypto API, which allows application developers to store sensitive data in scrambled form. Microsoft describes as allowing any application to "secure data without needing any specific cryptographic code other than the necessary function calls to DPAPI." (API stands for application programming interface.)
That's a useful feature to have--assuming it's designed and implemented well.

• Next >