LabVIEW

---

Ravens Fan wrote:

So now we know the VI's can be cracked.  But I'd still be interested to know if anybody can figure out what my password is that I used in the VI in message 31.  I actually think Ben has a chance to figure it out based on the rules that Torpedo gave us and the clarification I added in message 47.  (Ben, if I get a chance to install LV8 anywhere, I'll try to create it in LV8 with that password so you can try.)

---

You mean XLVI wasn't a big enough hint even for you?  I'll admit it was mostly a victory for social engineering and that your guess that Ben would figure it out was the biggest hint.  I would not have associated the password with the Ravens (moreso after last night), but certainly with the Steelers.   

As to just figuring out the constants, that was a simple matter and did not even require cracking or looking at the passwords.

I should have posted the screenshot, I had a simple VI to test a bunch of compound words with 0-4 digits afterwards.  I was in the process of choosing the words by randomly selecting from a spellcheck dictionary, but had to test the code so I manually entered one value into the array of possible words.  Of course it hit, but it still took a moment to figure out what had happened.  I was like why did the loop stop early and the boolean turn on?  Oh yeah.

---

@Darin.K wrote:

---

Ravens Fan wrote:

So now we know the VI's can be cracked.  But I'd still be interested to know if anybody can figure out what my password is that I used in the VI in message 31.  I actually think Ben has a chance to figure it out based on the rules that Torpedo gave us and the clarification I added in message 47.  (Ben, if I get a chance to install LV8 anywhere, I'll try to create it in LV8 with that password so you can try.)

---

You mean XLVI wasn't a big enough hint even for you?  I'll admit it was mostly a victory for social engineering and that your guess that Ben would figure it out was the biggest hint.  I would not have associated the password with the Ravens (moreso after last night), but certainly with the Steelers.   

 

...

---

I know binary octal hex and decimal and a bit of ASCII but my knowlege of Roman numerals is generally limited to what I learned from the side of a six-pack.

Judging by your post the Raven must have done well last night. I was distracted with catching up on my favorite program followed by the new Alice in Wonderland (which I enjoyed).

Ben

I'm sorry Darin, I forgot that you posted that which clued me in you had figured it out.  Nice job!

Last night's performance was absolutely horrible and doesn't get us anywhere close to deserving to play the password.  The Jax defense definitely outplayed our offense.  Our defense played well and kept us in the game.  And as bad as our offense was, we still had a chance to win the game at the end and went and blew that.

Ohh no, what shame now everyone will know. I thought I could hide it but now the entire world can see it for themselves.

I don't know how to face the world any more.

I will have to tell the whole world my dirty little secret. I will have to own up to it.It's out now anyway.The shame!


I, I, I have yes its true CND



CND (compulsive neatness disorder) http://en.wikipedia.org/wiki/Orderliness

Well everyone has to have a label for something these days, don't they?

We've posted a Knowledge Base (KB) article on this subject; Security of LabVIEW VI Password Protection vs. Removing VI Block Diagrams, which explains, in some detail, why the VI password protection feature is implemented as it is and the alternative available when stronger protection is required.  We also plan to add a link to this KB in our product and/or help documentation, where appropriate, as part of our next major release.  Our aim is to do our best to help users be aware of the issue and understand their options.  I will monitor this thread for a bit and respond to questions or concerns as needed.

Sincerely,

Roy Faltesek
Senior Group Manager
LabVIEW R&D
National Instruments

Roy F,

Thank you for the link to the KB article.  I think it clearly explains the philosophy behind the decisions NI has made in regard to security and the limitations consequential to those decisions.

Lynn

Looks like NI must be leaning on this guy.  His website has been updated to not allow abuse and points to the KB Roy linked to.

Well, he's not the sharpest knife in the drawer, otherwise he would not host this on a German server. Germany has one of the toughest law (introduced in 2007) with repect to such activities.

Strafgesetzbuch 202c threatens fines and up to 1 year.

(It is clear that solely relying on passwords has never been a good security stance. I still lock my front door, even though 3 years of motion activated security footage tells me that nobody ever even tries to open it, and every little kid knows how to throw a rock through a window. ;))

---

LabVIEW Champion.

Yeah so he has put restrictions in place so it changes the password to a random one, and doesn't say what the md5 is of the new one.  Of course you could just put that new VI through it again to get the new MD5, and then he added a link to that googles the MD5 in an attempt to find the password to it. 

He also left the source code up so it's not like someone couldn't just put that on any PHP enabled site and run it on a batch of VIs.