[Bush2000]

Salting is a simple common practice in cryptography that was in place long before Microsoft made NT. Microsoft's inability to follow common practice simply resulted in another weak link in the security chain.

Yet again, salting does not make passwords unbreakable. So you're not making any point.

Okay, exactly how many systems out there does that apply to? I've already told you what Rainbow Crack can crack, and it applies to all but a tiny fraction of home, corporate and government Windows systems out there. That is a security problem.

Look, here's the challenge. I'll use strong passwords. I'll encrypt my filesystem with EFS. You tell me how long it's going to take you to (1) crack EFS and get the hashes, and (2) crack the hashes and give me plaintext passwords.

[antiRepublicrat]

Look, here's the challenge.

Or here's another challenge. Give a cracker a statistically meaningful sampling of 1,000 Windows boxes (latest version, fully patched) across the world and one of 1,000 modern *NIX boxes. He has a generous six months and several high-speed PCs (say nice, fat quad Opterons) to complete the cracking. How many Windows boxes do you think he'll get the passwords from? How many *NIX boxes?

My guess: he'll get maybe a couple *NIX passwords, and most the passwords from all but a few of the Windows boxes.

Of course, my challenge actually makes it more probable that a *NIX password can be broken. Since it involves possibly tens of thousands of passwords, he can improve his odds by picking the one salt that repeats most throughout the collection (a couple repeats if you're really lucky) and building a table for that salt. Then he can run the table against just those few passwords. Otherwise, he'll be spending his computing resources breaking them one at a time.

But your challenge does sound interesting. I say use Advanced EFS Data Recovery from Elcomsoft (they same guys who broke PDF protection) to get around the EFS, then use Rainbow Crack on the passwords.