Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
This handheld magnifying glass has two bright LEDs and is powered by 3 AAA cells (not included). The manufacturer says the magnification is 40X. I think it is less than that, but it is still plenty powerful for my needs – mainly, reading the markings on tiny electrical components and checking the layer fusion on […]
The European Commission is probing whether Samsung televisions’ sensed when they were being tested for energy efficiency and changed their power consumption to get better ratings than they deserved.
The curved bottom of the cup peeks through your drink as the level drops down, moving the “moon” from full to a fingernail-paring sliver. Of course, it works better if you drink something cloudy and white — it’s designed some cloudy Korean rice-wines, but would also work with Pernod and water, I’m thinking.
Power up your gadgets in the most unexpected places with the extremely compact SolarJuice battery pack. SolarJuice charges up at home like your average battery pack, but also lets you add extra juice on-the-go using its built-in solar panel—so you’ll never be left unplugged from the digital world.4.5 Stars on Amazon!Simultaneously charges 2 devices at […]
Hold your camera to higher standards with the brand-new iBlazr 2, the most advanced LED flash to date. Simply attach to your smartphone, tablet, or DSLR camera. Conveniently sized and wireless, this premium flash will let you easily take amazing photos in low light situations. It’s a literal snap to use: simply attach to your […]
Moment of truth: Is “Microsoft Office Expert” on your resume, but not totally accurate? This pay what you want bundle will not only help you brush up on old skills, but teach you advanced techniques that will impress your current and future boss. From intricate Excel formulas to Outlook organization hacks, you’ll not only boost […]