Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
VPhone is a wee “phone”, surely the most wee of them all. It has a 1.54-inch touchscreen display, Bluetooth, FM radio, pedometer, 128MB (megabytes!) of storage, a heart rate monitor, some social network-monitoring apps, and a choice of “simple and stylish” black or silver trim. The radio’s quad-band GSM, so if you can get your […]
Withdrawn by Samsung and recalled from store shelves, the explosion-prone Galaxy Note 7 is now forbidden in the skies. The Federal Aviation Administration has officially banned it, via an emergency prohibition order, making it a federal crime to take one on board an airplane. The order restricts passengers from carrying the phone “on their person, […]
Beam is a lightbulb replacement that screws into any light-socket and turns it into a remote-controlled LCD projector.
This Python Mega Course will help you learn to code by teaching you to build 10 real-world apps that each highlight a unique use of Python.Job prospects for coders are still growing steadily—and with Python being one of the most popular coding languages out there today, it’s important for job seekers to demonstrate a widespread understanding of the […]
The Atmos R2 may be bigger than the brand’s previously-released vapes, but we argue that in this case it’s definitely a good thing. A bigger heating chamber means more room for packing it full. And the bigger battery means longer, more fulfilling vape sessions. In fact, you can use the Atmos R2 for up to about 25 […]
These days, there is huge demand for ethical hackers. Companies pay these professionals to identify and remedy security holes in their networks before malicious hackers find and exploit them. What’s great about this is that if you love hacking or think you may love hacking, you can do it for a living and not as […]