Password Crack

"Harlan Grove" wrote in:

Password cracking isn't necessarily illegal. Why assume OPs have illegal
intent?

Why assume they don't have illegal intent? It seems to me you'd have to at
least consider the possibility of illegal intent and there's no way to tell
on Usenet if you're being told the truth or a story, is there?


--
David R. Norton MVP

David R. Norton MVP wrote...
"Harlan Grove" wrote in:
Password cracking isn't necessarily illegal. Why assume OPs have illegal
intent?

Why assume they don't have illegal intent? It seems to me you'd have to at
least consider the possibility of illegal intent and there's no way to tell
on Usenet if you're being told the truth or a story, is there?

No, there's no way to prove anyone else's intentions, on Usenet or in
the real world. So does one walk around assuming everyone else is a
criminal?

so, for those whose first impression is that everyone else is a
criminal, how should one deal with the OP's request? Certainly not
provide the requested advice. That won't do! Remain silent (i.e., just
don't reply)? For the busy-body sorts, that won't do either! The
obvious answer is to become a net-nanny! How silly of me not to have
realized that.

What benefit to anyone is there in presuming illegal intent, given that
the cracks are commonly available and cheap? Especially since the OP, in
this case, presumably used his real name and address, despite MS's
warnings not to?

If one presumes illegal intent, what should be done about such posts -
does one have a duty to report solicitation to commit a crime? To what
jurisdiction? Does one also have to report anyone who answers as a
co-conspirator?

IMO, it's better to freely admit that Office document protection schemes
are not secure, and direct people to the available information. At the
very least, being honest about the "security" of Office documents may
educate the OP and lurkers that they shouldn't rely on Office protection
for documents in which confidentiality is important.

The presumption of illegal intent simply slows, or prevents, the ability
of legitimate users to recover documents.



In article ,
"David R. Norton MVP" wrote:

Why assume they don't have illegal intent? It seems to me you'd have to at
least consider the possibility of illegal intent and there's no way to tell
on Usenet if you're being told the truth or a story, is there?

"Harlan Grove" wrote in:

David R. Norton MVP wrote...
"Harlan Grove" wrote in:
Password cracking isn't necessarily illegal. Why assume OPs have illegal
intent?

Why assume they don't have illegal intent? It seems to me you'd have to at
least consider the possibility of illegal intent and there's no way to tell
on Usenet if you're being told the truth or a story, is there?

No, there's no way to prove anyone else's intentions, on Usenet or in
the real world. So does one walk around assuming everyone else is a
criminal?

No, but one should consider the possibility.

so, for those whose first impression is that everyone else is a
criminal, how should one deal with the OP's request? Certainly not
provide the requested advice. That won't do! Remain silent (i.e., just
don't reply)? For the busy-body sorts, that won't do either! The
obvious answer is to become a net-nanny! How silly of me not to have
realized that.

How silly of you to have posted the above idiocy. The sensible response
would be to tell the OP to contact a local computer shop who can send someone
on site, verify the legitimacy of the request and act accordingly.


--
David R. Norton MVP

David R. Norton MVP wrote...
....
How silly of you to have posted the above idiocy. The sensible response
would be to tell the OP to contact a local computer shop who can send someone
on site, verify the legitimacy of the request and act accordingly.
....

MVP stading for most vacuous posting?

The OP wanted to save money. A housecall from a local computer shop
would save the OP money?

Who's posting idiocy?!

"Harlan Grove" wrote in:

David R. Norton MVP wrote...
...
How silly of you to have posted the above idiocy. The sensible response
would be to tell the OP to contact a local computer shop who can send
someone on site, verify the legitimacy of the request and act
accordingly.
...

MVP stading for most vacuous posting?

The OP wanted to save money. A housecall from a local computer shop
would save the OP money?

Who's posting idiocy?!

You are. Again...

--
David R. Norton MVP

David R. Norton MVP wrote...
"Harlan Grove" wrote in:
David R. Norton MVP wrote...
...
How silly of you to have posted the above idiocy. The sensible response
would be to tell the OP to contact a local computer shop who can send
someone on site, verify the legitimacy of the request and act
accordingly.
...

MVP stading for most vacuous posting?

The OP wanted to save money. A housecall from a local computer shop
would save the OP money?

Who's posting idiocy?!

You are. Again...

Fine. I'm the idiot who realizes that honest people seeking to save
money wouldn't bother to follow your oh so sensible advice, and
criminals with half a brain more than you wouldn't bother for different
reasons.

You're the genius who believes money is no object after the OP has
indicated that it is. Apparently you know what the OP wants/needs
better than the OP himself. You must be able to provide detailed
responses to posting with just the word Help in the subject line and no
body, too.

If you want to call what I'm writing idiocy, go ahead. Definitions in
Usenet is maleable. Myself, I'd call it scorn.

JE McGimpsey wrote in:

What benefit to anyone is there in presuming illegal intent, given that
the cracks are commonly available and cheap?

OK, so the availability of Office 2003 in Warez groups means that robbing
the legitimate publisher of the software is all right?

I can't see the ready availability of cracks is justification for using
them.

Especially since the OP, in this case, presumably used his real name and
address, despite MS's warnings not to?

And how do you know he used his real name? I notice while you're defending
him you use the word "presumably" so is it possible you also have some
doubts?

IMO, it's better to freely admit that Office document protection schemes
are not secure, and direct people to the available information.

MHO differs from yours. Next next time I see some disreputable person trying
to open a new luxury car with a coat hanger should I just assume it's his car
and he has a right to it? Isn't that pretty similar to what you're saying?


--
David R. Norton MVP

MHO differs from yours.

IMO, we should call a halt to this thread. It isn't helping the original
poster at all.

--
Echo [MS PPT MVP]
http://www.echosvoice.com

I did say I was a skeptic. And I never said that this particular poster said
anything about a situation. All I did was state my opinion. And you stated
yours. That's cool. The world would be boring if everyone agreed with me.
I'd have to change my mind about things - and then so would everyone else.
ARGH!!! :-)

--

JoAnn Paules
MVP Microsoft [Publisher]



"JE McGimpsey" wrote in message
...
FWIW, I think JoAnn was rather out of line on this one. Assuming that
someone (who, BTW, posted under a real name and email address and who
has been a relatively frequent poster to many groups) is "nefarious" is
pretty harsh, not to mention horribly paternalistic.

Just based on my experience, it's far more likely that the OP has
forgotten the password on his own important file than that he was trying
to do something illegal - there was nothing in the original post to
indicate one way or the other, though the circumstantial evidence seems
heavily weighted toward legitimacy. (I don't know where JoAnn's "You
mean that's what they *say* is the situation" comes from, since the OP
*didn't* say.)

Unfortunately, XL's password protection is a sham. It ill-serves users
to withhold commonly available tools - it may even lead them to think
that XL's password protections are reliable, when they most definitely
are not.

I assist people on these groups because I like to, not because of what
they might do with it. I'm not going to withhold commonly available
information about passwords from a user just because they might be
dishonest, any more than I worry about whether someone uses that nifty
SUMPRODUCT() formula that I gave them to further their embezzlement.

I've posted a method of bypassing internal password controls to my site
as a convenience - the macro was being posted several times a week to
the newsgroups anyway, so anyone with the sense to Google could find
them.

Likewise, if the OP had chosen to Google for a password crack, he'd have
found hundreds of posts recommending cheap commercial solutions for file
passwords (I don't know of any free ones that are worth anything for
reasonably long passwords).


In article ,
Sarah Balfour wrote:

I'm with Jo on this one - I wouldn't assist anyone in cracking a
passworded
document even if they say their intentions are honourable - I don't want
to
be party to any nefarious dealings. I believe it was Beth who said that
she
was once asked to crack a file and it turned out to be someone's personal
journal.