Hackers at a security conference in Malaysia failed to break into ViaTechnologies Inc.’s StrongBox security application during acompetition, Via officials said Friday, but the company gathered somevaluable feedback from participants.The Taiwanese microprocessor vendor offered a US$5,000 prize to anyhacker that could break into StrongBox, which is a secure virtual harddrive of up to 40G bytes designed to protect data from computerintruders. Announced on Tuesday, the application is made using acombination of hardware-based SHA-1 and 256-bit AES encryption.The company ignored a one-hour time limit rule it had in place for thecontest, and allowed conference attendees as much time as they wantedto try to break into StrongBox.One useful piece of advice Via took away from the show was regardingthe password login. The software asks users to choose how many failedpassword attempts it should accept, with a maximum of five, beforefreezing a user out for an unspecified period of time. But one hacker pointed out he could figure out a way to set the numberat zero, giving a potential data thief unlimited tries to guess thecorrect password. Without such a limit, someone could use a custom CDwith every word in the dictionary and word/number combinations to findthe right password. Such CDs take only a few minutes to run.Tim Brown, a marketing manager at Via, said the value of the contest was in the feedback and the publicity. “These are very knowledgeable people, with a unique way of thinking,” he said.Via’s contest gambit was risky. Hundreds of hackers had gathered at theHack in the Box Security Conference to share information and learn moreabout security. It’s the kind of show that attracts participantswearing T-shirts that say “I read your email,” and one who boasted ittook him just minutes to get the hosting hotel’s name and room numberlist — which enabled him to get a key to a room that was not his (itwas a friend’s), and bill hotel Internet usage charges to his friend’sroom, for fun.He insisted he would pay the friend back.The StrongBox security application is designed for computers based onVia’s C7 and C7-M processors that have the company’s PadLock SecurityEngine. The company used a new Twinhead Corp. laptop, the Efio!12BL,which uses a Via C7-M 1.5GHz mobile processor, for the contest.StrongBox was developed to showcase the hardware encryptioncapabilities of the C7 and C7-M processors and to offer a secure meansof protecting information stored on a notebook computer in the event ofloss or theft, according to the company.By Dan Nystedt – IDG News Service (Taipei Bureau) Related content brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security news Teachers urged to enter schoolgirls into UK’s flagship cybersecurity contest CyberFirst Girls aims to introduce girls to cybersecurity, increase diversity, and address the much-maligned skills shortage in the sector. By Michael Hill Sep 26, 2023 4 mins Back to School Education Industry IT Training news CREST, IASME to deliver UK NCSC’s Cyber Incident Exercising scheme CIE scheme aims to help organisations find quality service providers that can advise and support them in practising cyber incident response plans. By Michael Hill Sep 26, 2023 3 mins IT Governance Frameworks Incident Response Data and Information Security news Baffle releases encryption solution to secure data for generative AI Solution uses the advanced encryption standard algorithm to encrypt sensitive data throughout the generative AI pipeline. By Michael Hill Sep 26, 2023 3 mins Encryption Generative AI Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe