hons.un-excogitate.org/category/general

Submission and progress

Finally i've gotten access to this space again.

I'm glad to announce that I have in fact finished and submitted my thesis. This happened way back in November and have only just this week discovered that i received an 84% with some minor changes before getting it printed and submitted for storage (as a book) at uni.

Since my last post i have in fact finished my thesis and all accompanying university work and have just recently started a new computer & information security job for a subsidiary of riotinto.

Anyway - i guess this is it for this sub-domain .. i hope everyone elses studies continue to progress and expand.

Submitted Conference Papers

Last night i submitted two papers to be reviewed for the 2nd Australian Computer, Network & Information Forensics Conference 2004.

The first paper i submitted was based on an analysis of the integrity of digital forensic images acquired from Palm OS PDA devices, when acquired by PDD. The technical, experimental notes from this paper are what i've been writing up over here (Day 1 Day 2 Day 3 Day 4)

The second paper was one that i had written last semester for a unit - mostly based on the analysis and reports of my pilot tests on John the Ripper on the x86 Beowulf, Igneous. (Links: pilot experiments on clustered password cracking, pilot experiment results)

Also, on the same day, finally got my printouts of my proposal out so they could be formally submitted - which is great!

Anyway, need to go to work for a bit.

Real Passwords

Forgot to mention this earlier, but I might get the opportunity to run my tests on some live password files (Windows SAM Files). My supervisor notified me of this a couple of weeks back, naturally the first question that came into my head was that of ethics clearance - but the assurance goes that because it's the University's property, and because i would almost be "contracted" out to do the work - it should be fine.

So this will be interesting indeed.

CSec experiment will hopefully commence this week

finally got igneous up and running, and will hopefully begin some tests of JTR-MPI on this 32-bit cluster.

The paper for my CSec unit will also require some further research into password strengths, and what is perceived as good methods of giving a password a certain strenth metric.

In regards to my presentation .. it went well. The feedback was fairly positive, and there didn't appear to be any gaping holes in my logic, method, or proposal document so far.

It all still feels like such slow going.

anyone say eeek?

have to do my honours proposal presentation tomorrow morning in front of the scarey crowd... am completely shit-scared.

I know i'm not going to die.. and it's not like the dentist where it will a) cost lots, b) possibly hurt lots - but it doesn't stop the nerves from going haywire.

I'll try and post about it later.

(also added to the lit review section)

oh f**k you endnote

right..

so as dan's pointed out before.. endnote is shit. Usually i can put up with it's crappy quirks and lil fuck-ups.. but for the last 30mins i've been drying to figure out why the text on my page has been getting pushed into a smaller and smaller area.. only just then i realised .. hang on.. the header-footer boxes were SOMEHOW getting extra blank-lines added when i was changing some formatting.

This has NEVER happened before, and with all the other format discrepencies i've been experiencing since endnote was installed.. i place the blame totally on you.

You vila piece of referencing software..

Too bad i'm too gutless to drop it.

JtR make x86-64

John the Ripper password cracker

Happy Days!.. Sometime during the end of Feb Solar Designer (Creator of JtR) released version 1.6.37 which includes a correct arch.h file for the x86-64 architecture!

Woo.

Can't wait to benchmark the standard JtR versus this JtR64.

Passwords in a Humanless World

Well, from my last post it seems that i hadn't made any drastic mistakes, and my structure seemed to be a-ok!

Apart from that i've been slowly crunching away on my lit-review, my progress seems to be stumbling upon at some sort of usable pace, and it's good to hear that dan + i will be submitting work/checking work with our supervisor every week now, which i feel will swallow up any errors very very quickly.

In other news, it's great to hear that you should get a copy of a book and then remember that you already have it! (Mitnick you beauty) .. was also great too use as a reference point..

Especially in the fact that:

"Passwords would be a perfect means of authenticating with a computer system if humans didn't exist"

It would be difficult...

... to max-out your library borrowing limit.

Even though the amount of tech/crypto/comp-sec books that exist on the 4th floor of the library must be stretching almost into the thousands, i believe it would be impossible to carry enough books to max-out your limit, especially at the average page-length of 700.

Anyway, have got my hands on the "Handbook of Applied Cryptography" by Menezes, Oorschot and Vanstone; "Cryptography Theory and Practice 2ed" by Stinson; and "Internet Firewalls and Network Security 2ed" by Hare and Siyan.

Hopefully i'll be able to kill 2 birds with these books, the crypto + password policy stuff will work well with my proposal, and the crypto books also have the potential to aid me in my csec paper that i'll have to do sometime (the abstract of which is due in 3 weeks)...

On to the proposal

1 Page Possible Honours Topic

I'll post the criticism i receive on wednesday into this post at a later date.

Download file

Welcome

Welcome to the shared posting resource pages for the fun 2004 honours project members christian and dan .. these pages will hopefully be utilised as a system to allow us to share links and reviews or anything.

Navigation on the left allows you to view entries based on their category - such as general entries (like this one) or technical entries.

The links link further down will be used to house all of the links we post as well, which will also be sub-divided into groups.