Tuesday 29 November 2011

Conclusion

Much of this chapter has focused on different "likely" passwords to try when initializing an educated brute force attack. We can go on forever listing common passwords - names of pets, historical dates, room numbers, book titles - not to mention all of the above with vowels removed, backwards, and in various anagram forms. There comes a time when you have to forget about trying to limit the number of possible passwords to a select few, because your "limited" number will be as infinite as before you put the restrictions in place. Besides, a password may be "easily guessable" and yet be secure enough to thwart your attempts to guess it.

The password "Smith" is not secure, and "Jones" is not secure, but "Smith@#Jones" is as obscure as anything. Outsiders see password guessing as a valiant pastime for the hacker, but in essence it is only the beginning of the hack. Brute force is best carried out by computers, and should really only be used when a computer is necessary to gain access (I'm thinking about Robert Morris Jr.'s worm program as an example).

The thing is, the whole business of hacking has to do with skill and knowledge. Brute forcing passwords requires little of either. But no one's going to look down on a hacker who does some educated brute force work, especially if that hacker has a good reason for doing so. But don't rely on the computer's brawn to do your dirty work: Use the ingenious computing power of your brain. And that is the topic of the following two chapters.

"Computer crimes deal with people to a far greater degree than they deal with technology."