Moxie Marlinspike and David Hulton's Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate presentation from Defcon is now a reality. If you want to crack a MS-CHAPv2 PPTP authentication handshake (like the one I use when I connect to IPREDator, the secure proxy I favor), they'll exhaust all of the DES keyspace for you for a mere $20, usually in less than a day.
Basically, MS-CHAPv2-based VPNs should now be considered insecure and not fit for purpose. Plus Moxie and David can brute force all of DES for $20. Yowza.
A Week Of Discounted Cracking
For this week (9/23/2012), we will be offering deeply discounted MS-CHAPv2 cracking jobs by reducing the price from $200 to $20. This means that any PPTP VPN connection or intercepted MS-CHAPv2 WPA Enterprise wireless credentials can be cracked and decrypted with a 100% success rate for only $20.
The one major caveat is that an influx of additional jobs might increase the pending queue depth and cause MS-CHAPv2 jobs to take slightly longer than ususal, but we'll see how it goes.
Cheaper MS-CHAPv2 Cracking
(via Hacker News)
Bunnie Huang blogs his recent Open Hardware Summit talk on the future of open hardware. Bunnie says that open hardware stands to grow from a niche in the global hardware market to an important segment, thanks to phenomena like "heirloom laptops" (and boy, isn't that a provocative coinage!?).
Someday, you cannot rely on buying a faster computer next year. Your phone won’t get any smaller or more powerful. And the flash drive you buy next year will cost the same yet store the same number of bits. The idea of an “heirloom laptop” may sound preposterous today, but someday we may perceive our computers as cherished and useful looms to hand down to our children as part of our legacy.
This slowing trend is good for small businesses, and likewise open hardware practices. To see why this is the case, let’s revisit the plot of Moore’s Law versus linear improvement, but this time overlay two new scenarios: technology doubling once every 24 and 36 months...
In the post-Moore’s law future, FPGAs may find themselves performing respectably to their hard-wired CPU kin, for at least two reasons: the flexible yet regular structure of an FPGA may lend it a longer scaling curve, in part due to the FPGA’s ability to reconfigure circuits around small-scale fluctuations in fabrication tolerances, and because the extra effort to optimize code for hardware acceleration will amortize more favorably as CPU performance scaling increasingly relies upon difficult techniques such as massive parallelism. After all, today’s massively multicore CPU architectures are starting to look a lot like the coarse-grain FPGA architectures proposed in academic circles in the mid to late 90’s. An equalization of FPGA to CPU performance should greatly facilitate the penetration of open hardware at a very deep level.
There will be a rise in repair culture as technology becomes less disposable and more permanent. Replacing worn out computer parts five years from their purchase date won’t seem so silly when the replacement part has virtually the same specifications and price as the old part. This rise in repair culture will create a demand for schematics and spare parts that in turn facilitates the growth of open ecosystems and small businesses.