Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
Super Retro-Boy is a compact, minimal reimplementation of Nintendo’s classic Game Boy with the look as well as the tech. It plays real cartidges, including those from the full-color Game Boy Advance—presumably this is why there are four buttons. It gets 10 hours on a charge, and will come with a 10-in-1 game from Retro-Bit […]
A T-Mobile customer in Florida drove her SUV into the store, smashing through the front window and coming to a stop deep in the showroom. Then she emerged from her disabled vehicle, hefted a broken window frame, and smashed a display. “What is wrong with her?” calls out an unseen observer. According to witnesses who […]
Slovenia’s Maheno corporation manufactured a series of Barbie-branded and white label typewriters for kids, with a hidden feature that allowed their owners to use them to produce messages encrypted with a simple substitution cipher.
Using my iPhone while it’s charging is always a hassle. With tucked-away outlets and the meager length of included lightning cables, comfortable scrolling while plugged in is annoying. These 10-Ft MFi-Certified Lightning Cables are super convenient and probably the best iPhone accessory purchase I’ve made.At over three times the length of normal cables, these reach anywhere you […]
With countless applications for modern life, artificial intelligence (AI) is one of the most in-demand fields of study in tech. Beyond modelling human decision making processes and learning abilities, AI can be used to analyze massive volumes of data and create complex interactive systems.This Machine Learning & AI for Business Bundle made mastering these concepts possible for […]
Computer hacking isn’t just something happening to the DNC. Major software companies need white-hat hackers to ensure the security of their products and users, and I came across a Computer Hacker Professional Certification Package that conveniently teaches those advanced IT techniques online.This course package will prepare you for various computer security certification exams with over 60 hours […]