press here to print Newsletter
Issue 28 - February 17, 2009
Table of contents:
????Program Review: VLC Media Player
????Microsoft offering a reward...
????Textbook scam or the old ones are the best.
????Password Security Part 1.
????Fancy writing?

Welcome[ TOP ]
Hi all! Many of you will have noticed that it?s been a while since our last newsletter was sent out. We?re sorry about that! We haven?t forgotten about you, it?s just that it?s been a busy time recently for all of us at!

We hope you enjoy this issue and also hope it won?t be so long until we piece together the next one!

Program Review: VLC Media Player[ TOP ]
VLC Player ? Media with a difference

Note: For the purposes of this article I have made a couple of videos to guide you through the downloading and installation processes. Links to these will be indicated by whilst standard links are indicated by {number} and can be found at the end of the article.

At first glance, VLC Media player doesn?t impress particularly. Far from the sleek interface of itunes and windows media player, VLC just has the standard play, stop, pause buttons, and volume control. However, it is not looks that this program is famous for ? it?s the ability to play pretty much anything.
Ever put a DVD into the computer only to get an error message ?windows media player cannot play this file?? This is because by default, windows media player only supports a small range of formats. VLC, on the other hand can play over a hundred different formats ? everything you could possibly want. For a full list of the formats VLC is capable of using, see the ?overview? page on their website. {1}

Even if your current media player plays all the files you want it to you should still give VLC a try. Other advantages include a lightning fast launch (for when you just want to play one song and can?t wait for your entire music library to load), skinnable interface (so you can change the look and feel ? it is even possible to imitate Windows Media Player or iTunes), ?snapshot? feature (so you can take stills), network playback (so you can watch online TV), looping (if you want to play back a certain part of the video on repeat) and much more!

The program has great documentation (that?s the technical word for ?instructions/manual?) which can be accessed here {2} but for now I?ll run you through using some of the features I?ve mentioned above.
Download, install and launch the program. <1> It will look like this:

Taking snapshots:

Go to the tools menu and selct ?advanced controls? the player will now look like this:
Use the button with a camera on it to take a snapshot. This will then automatically be saved into your my pictures/pictures folder.
Looping: with the advanced controls enabled start the movie, navigate to the point where you want to start the loop and press the button next to the snapshot button with ?A? -->?B? on it (the arrow looks a little different!) then move to the point you want to loop to and press the button again. Finally press the button a third time to loop between the two points.

Network streaming and watching TV:

Go to the playlist menu, then ?additional playlists and select ?shoutcast TV listings? or shoutcast radio. Then go back to the Playlist menu, select ?show playlist? and choose the playlist you want from the left. I haven?t tried this feature much so I?m unsure as to the quality of the channels but it?s worth a try!

Skinning VLC:
Download a skin from the VLC website {4}, <2> then open VLC and go to tools>>>preferences. Under Interface settings there is a ?skins? section ? you?ll need to enable it and then click ?browse? ? navigate to where you downloaded the skin and press ?open.?

Finally, click ?save? and reload VLC. It will now have the skin you have chosen. Now, you may notice that the menus are now missing. You can access them by right clicking on the skin. In order to remove the skin the easiest thing to do is to close VLC then go to your start menu>>>VideoLan>>>Quick Settings>>>Interface>>>Set main interface to Qt (default) before reloading the player.

So there you go ? a brief overview into some of VLC?s finer features. The program has eight downloads per second ? I?m not the only person to find it useful! I think, if you give it a go, you?ll become very attached to the program, even growing to like the slightly peculiar icon!


Article by: Philip McMahon:

Microsoft offering a reward...[ TOP ]
It would appear that Microsoft have ran out of ideas and are now looking for other Computer geeks out there to help them! The ?250K reward may be enough to entice some of us ?computer geeks? out there to give it a go!

Submitted by: Michelle (

Textbook scam or the old ones are the best. [ TOP ]
A Canadian man who fell for a 419 scam was taken for $150,000 by advance fee fraudsters who conducted a textbook operation to fleece their victim.

John Rempel of Leamington, Ontario, got an email back in 2007 from "someone claiming to be a lawyer with a client named David Rempel who died in a 2005 bomb attack in London", the /Windsor Star/ reports. The email claimed the "deceased" had left $12.8m, and since he had no family "wanted to leave the money to a Rempel".

Those of you familar with 419 scams will note there isn't one aspect of this operation which doesn't come from the Lads from Lagos manual: a surprise inheritance; up-front fees and taxes; the fake bank account trick; magic money-laundering fluid; plane ticket expenses; bribes, etc etc.

So beware!

Full article published by theregister 15th January 2009

Submitted by Colin Watson (

Password Security Part 1.[ TOP ]
Security is one of the most sought after, yet elusive aspects of modern information technology and computing. Anyone and everyone from government agencies, to large and small businesses, to individual people use passwords, pins, keys, and encryption in their daily lives; all in an effort to keep out those who do not belong. Unfortunately, many people take the security given by a simple password for granted, thinking it's impossible or highly unlikely that someone could break through it. This leads to lax security, making potential targets. Here, I'm going to show you how insecure many common passwords are, and what you can do to guard against having your security broken.

One of the most common and primitive methods of cracking a password is brute-forcing. I myself have written a brute-forcer in the past, and even now I continue to work on it in order to better understand and guard my own security. The basic method of how a brute-forcer works is that it generates either random or sequential strings of text until it gets the password right. Often times, this is one of the longest methods of cracking, but it guaranteed to work, given enough time and processing power. Another form of password cracking is what's known as a dictionary attack, where the cracker uses a set of predefined words or phrases that are modified, mixed, and checked against the system being attacked until the right password is found. Often times when a dictionary attack is employed, it will be combined with a brute-force attack to ensure success. Using a dictionary attack can significantly cut down the amount of time needed to crack a password, provided the person who created the password used words or phrases that are contained in the English dictionary.

As previously stated, any password can be cracked, given enough time and processing power. To give you an idea of how to better your odds of keeping your systems secure, here are a few bits of information for you. With a password using a combination of lowercase letters and numbers, six characters in length, the number of possible combinations is roughly 2.2 billion. My brute-forcer can generate and check about 300,000 strings against a password every second (Run on an Intel T7300, 2.0 ghz), which means that, if I'm lucky, cracking this password will take about two hours.

Now as you add characters to this password, it takes exponentially longer to crack, meaning it becomes exponentially more secure. Depending on the character sets used in the password, the number of possible combinations can become so great that the cracking of this password becomes a logistical nightmare for the cracker, if not impossible.

Although longer, more complex passwords are harder to remember, please, resist the urge to create a short password, or a password using any words or phrases contained in a dictionary. I described the cracking of a six-character password using a brute force method, on a fairly low end mobile processor. You might think you can get away with using just a few more characters, or mixing in a number here and there, but doing so would still not be secure. It might become unfeasible to crack on a commonly available processor, but there are other faster, cheaper methods of cracking available.

More modern methods of password cracking now utilize advanced methods to run code directly on high-end video cards. This is known as GPGPU, or General Processing on a Graphics Processing Unit. Newer GPU's such as ATI's 3800 and 4800 series carry several hundred programmable pipelines known as stream processors that are designed for highly parallel tasks. Obviously, the most common usage of this parallel processing power is gaming, but recent experimentation has shown them to be vastly more powerful than a desktop pc processor when it comes to massive scale floating-point operations. Cracking is one of the parallel tasks that can benefit from GPGPU acceleration.

The reason brute-forcing is so much more efficient on a GPU is because the application being used to crack the password can run a single independent thread on each stream processor. Because none of these threads need to communicate with each other in a randomly seeded cracker, it is possible to see performance gains that allow passwords to be cracked in minutes, instead of hours or days. Because of this, it is even more vital to use a secure, lengthy password with no recognizable pattern.

In summary, don't underestimate the ingenuity and resources of crackers. If there's a weakness in your password, it's only a matter of time before a resourceful cracker finds his way through; billions of dollars are stolen annually, make sure you're not part of the statistics. Make sure your passwords contain a mix of letters (lowercase and uppercase), numbers, and punctuation; never use a lower-case only password. Lastly, make sure your password is of an appropriate length. I personally would never trust the security of any password less than ten characters in length, no matter what character sets are used in it. Also, the longer your password is, the better. Keep these tips in mind, and the chances of your security being compromised will be astronomically low.

Article by: Joseph Kogut (

Fancy writing?[ TOP ]
If you fancy writing an article for our newsletter (which has over 8000 subscribers) then why not drop us an e-mail at
The articles do not need to be technology related, just something which will be of general interest to our subscribers!

Credits[ TOP ]
Editor Ross Connor (


Colin Watson
Joseph Kogut
Philip McMahon:

Comments or Feedback:

Copyright ? 1996 - 2009,