Editing ElcomSoft

{{Short description|Russian software company}}
{{distinguish|text = [[Elcom Technology]], the Australian Internet solutions software company}}
{{Infobox company
| name       = ElcomSoft Co.Ltd.
| logo       = Elcomsoft.png
| type       = [[Private company|Private]]
| foundation = 1990
| location   = Moscow, Russia
| industry   = [[Software]]
| genre      = [[password cracking|Password Cracking]], [[Information technology security audit|Operating System Audit]]
| website    = 
}}

'''ElcomSoft''' is a privately owned software company headquartered in [[Moscow, Russia]]. Since its establishment in 1990, the company has been working on computer security programs, with the main focus on password and system recovery software.

==DMCA case==
{{main|United States v. Elcom Ltd.}}

On July 16, 2001, [[Dmitry Sklyarov]], a Russian citizen employed by ElcomSoft who was at the time visiting the United States for [[DEF CON (convention)|DEF CON]], was arrested and charged for violating the United States [[DMCA]] law by writing ElcomSoft's Advanced eBook Processor software. He was later released on bail and allowed to return to Russia, and the charges against him were dropped. The charges against ElcomSoft were not, and a court case ensued, attracting much public attention and protest. On December 17, 2002, ElcomSoft was found not guilty of all four charges under the DMCA.<ref name="Ardito">{{cite journal |title=The Case of Dmitry Sklyarov—This is the first criminal lawsuit under the Digital Millennium Copyright Act |author=Stephanie Ardito |journal=[[Information Today]] 
|volume=18 |issue=10 |date=November 2001 |url=https://www.infotoday.com/IT/nov01/ardito.htm |accessdate=March 18, 2021}}</ref>

==Thunder Tables==
[[Thunder Tables]] is the company's own technology developed to ensure guaranteed recovery of [[Microsoft Word]] and [[Microsoft Excel]] documents protected with [[40-bit encryption]]. The technology first appeared in 2007 and employs the [[time–memory tradeoff]] method to build pre-computed [[hash table]]s, which open the corresponding files in a matter of seconds instead of days. These tables take around four gigabytes. So far, the technology is used in two password recovery programs: Advanced Office Password Breaker and Advanced PDF Password Recovery.<ref>{{cite web |title=Password Recovery, License to crack |publisher=[[International Council for Scientific and Technical Information]] (ICSTI)  |author=Yury Ushakov |url=http://www.icsti.su/uploaded/201306/Ushakov.pdf |accessdate=March 17, 2021}}</ref>

== Cracking Wi-Fi passwords with GPUs ==
In 2009 ElcomSoft released a tool that takes [[Wi-Fi Protected Access|WPA/WPA2]] Hash Codes and uses [[Brute-force attack|brute-force methods]] to guess the password associated with a wireless network.<ref>{{Cite web | url=http://hothardware.com/cs/forums/t/41491.aspx | title=HotHardware Forums}}</ref>

The advantages of using such methods over the traditional ones, such as [[rainbow table]]s,<ref>{{Cite web |url=http://wirelessdefence.org/Contents/coWPAttyMain.htm |title=Archived copy |access-date=2012-03-20 |archive-url=https://web.archive.org/web/20120326001431/http://wirelessdefence.org/Contents/coWPAttyMain.htm |archive-date=2012-03-26 |url-status=dead }}</ref> are numerous.{{how|date=May 2024}}

== Vulnerability in Canon authentication software ==
On November 30, 2010, Elcomsoft announced that the encryption system used by [[Canon cameras]] to ensure that pictures and [[Exif]] [[metadata]] have not been altered was flawed and cannot be fixed. 
On that same day, [[Dmitry Sklyarov]] gave a presentation at the Confidence 2.0 conference in [[Prague]] demonstrating the flaws.<ref>{{cite web|url=http://201002.confidence.org.pl/prelegenci/dmitry-sklyarov|archive-url=https://web.archive.org/web/20181025001307/http://201002.confidence.org.pl/prelegenci/dmitry-sklyarov|title=Dmitry Sklyarov|archive-date=2018-10-25|access-date=2023-08-08}}</ref>  Among others, he showed an image of an astronaut planting a flag of the [[Soviet Union]] on the moon; all the images pass Canon's authenticity verification.<ref>{{cite web |last1=Kirk |first1=Jeremy |title=Analyst finds flaws in Canon image verification system |url=https://www.pcworld.idg.com.au/article/369757/analyst_finds_flaws_canon_image_verification_system/ |website=PC World from IDG |publisher=IDG Communications |accessdate=27 September 2019 |date=1 December 2010 |archive-date=27 September 2019 |archive-url=https://web.archive.org/web/20190927181108/https://www.pcworld.idg.com.au/article/369757/analyst_finds_flaws_canon_image_verification_system/ |url-status=dead }}</ref><ref>{{cite web |last1=Doctorow |first1=Cory |title=Dmitry Sklyarov and co. crack Canon's "image verification" anti-photoshopping tool |url=https://boingboing.net/2010/11/30/dmitry-sklyarov-and.html |website=Boing Boing |accessdate=27 September 2019 |date=30 Nov 2010}}</ref>

==Nude celebrity photo leak==
In 2014 an attacker used the Elcomsoft Phone Password Breaker to determine celebrity [[Jennifer Lawrence]]'s password and obtain nude photos.<ref>{{cite news |title=The Nude Celebrity Photo Leak Was Made Possible By Law Enforcement Software That Anyone Can Get |author=Dylan Love |date=September 3, 2014 |publisher=IBT Media |work=[[International Business Times]] |url=https://www.ibtimes.com/nude-celebrity-photo-leak-was-made-possible-law-enforcement-software-anyone-can-get-1677314 |accessdate=March 17, 2021}}</ref>  [[Wired (magazine)|Wired]] said about Apple's [[cloud computing|cloud]] services, "...cloud services might be about as secure as leaving your front door key under the mat."<ref>{{cite news |title= The Celebrity Photo Hacks Couldn't Have Come at a Worse Time for Apple--The message to the world is that if it's that easy to hack Jennifer Lawrence's iCloud account, it's probably that easy to hack mine, too. |author=Marcus Wohlsen |date=November 2, 2014 |url=https://www.wired.com/2014/09/the-celebrity-photo-hacks-couldnt-have-come-at-a-worse-time-for-apple/ |accessdate=March 17, 2021}}</ref>

== References ==
{{reflist|2}}
{{Portalbar|Companies|Russia}}
{{Authority control}}

[[Category:Software companies established in 1990]]
[[Category:Computer law]]
[[Category:Cryptography law]]
[[Category:Software companies of Russia]]
[[Category:Computer security software companies]]
[[Category:Companies based in Moscow]]
[[Category:Russian companies established in 1990]]
[[Category:Cryptographic attacks]]
[[Category:Password cracking software]]