Forget networked PCs or even PlayStation 3s, components commonly found in plasma TVs are the latest thing in password cracking tools.

High performance FPGA (Field Programmable Gate Array) chips are the Chuck Norris of number crunching, equally suited to image processing and (with a bit of modification) password cracking.

During the Black Hat conference in Washington in February researcher Dan Mueller used FPGA kit in an attack that cracks standard GSM transmissions, encrypted using the A5/1 algorithm, in as little as 30 seconds.

The same technology can be applied to crack Bluetooth transmissions in as little as eight seconds, according to security consultancy SecureTest, which ran a demo of the technology at the recent Infosec conference.

Burton Group has specifically commented on HP’s struggle to succeed in this competitive market. Burton Group’s Identity and Privacy Strategies Report, “The Identity Management Market 2007: An Expanding Universe”, Our Catalyst 2007 Keynote “Identity Management Market Landscape 2007: Enabling Security and Control Objectives in the Enterprise”, and our “Vantage Point 2007: Trends in Identity Management” telebriefing, all noted that HP’s ability to compete, mindshare, and market momentum has been in sharp decline.

Burton Group has been contacted by HP customers who report that HP is no longer going to seek new customers for its Identity Center product.  We have contacted HP and the company confirms that HP Software has decided to focus its investment in identity management products exclusively on existing customers and not on pursuing additional customers or market share. HP is in the process of reaching out to each customer regarding the change. Last week Burton Group spoke to HP Software Vice President of Products Eric Vishria regarding this development. 

Vishria explained that the Identity Center product line was not performing in this highly competitive market at a level that’s acceptable to HP, but added that the product supports the operations of a number of HP’s critical customers.  HP has therefore made the decision to focus research and development efforts on existing customers only.

A genuine crack for Windows Vista has just been released by pirate group Pantheon, which allows a pirated, non-activated installation of Vista (Home Basic/Premium and Ultimate) to be properly activated and made fully-operational.

Unlike cracks which have been floating around since Vista RTM was released in late November, this crack doesn’t simply get around product activation with beta activation files or timestop cracks - it actually makes use of the activation process. It seems that Microsoft has allowed large OEMs like ASUS to ship their products with a pre-installed version of Vista that doesn’t require product activation – apparently because end users would find it too inconvenient.

In addition to Sarbanes Oxley, there have been over time lots of requirements like PCI DSS and HIPPA that requires you to do audit logging. These requirements, which always said you need to maintain the logs, are now beginning to indicate that it's not simply collecting logs, but you also have to be able to review the activity in logs and identify areas potentially anomalous activity.