Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
A flashlight review that begins with the promise “I’m about to hike through a remote canyon to an abandoned mine, and I gotta tell you there’s a storm raging outside” should end on an interesting note, and this one does. [via] Disturbing, strange sounds. That’s exactly what I caught on video while filming and documenting […]
Reflectacles, the hyper-reflective Ray Ban-style $75 glasses frames that Scott Urban is Kickstarting have a new feature: now you can get ones doped with materials that reflect the infrared light that CCTVs kick out to let them capture images in low light, which blind cameras’ sensors. Cool!
Typewriter historian Martin Howard (previously) writes, “I was able to pick up a rare and exquisite Waverley typewriter (1896) this summer in Scotland and have just the other day posted it to my website all cleaned and ready to show.”
The Pocket Tripod PRO had massive Kickstarter success in 2013, raising almost $85,000 in a single month. But this isn’t just another case of pre-release product hype.This ingenious little device folds out from a credit-card-shaped plastic slab into a sturdy stand with a surprisingly wide range of motion. In portrait orientation, your phone slides snugly […]
Loot Crate is a totally different kind of subscription service that mails subscribers monthly boxes filled with curated geek, pop culture, and gamer paraphernalia. Its cult following awaits a box every month filled with everything from bobble heads to T-shirts to special edition collectibles. But nothing gets Loot Crate fans as excited as the limited […]
The ARMOR-X Mini Flexible Phone Tripod is a smartphone tripod that is designed with flexible legs to rest on virtually any type of surface. Other tripods have proved useless unless I conveniently have a flat surface in front of me, which is why this particular tripod was appealing enough to try out. The ARMOR-X is compact and easy […]