Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
The new Moto Razr is a handsome retro thing. At $1500, though, who wants a 6.2-inch foldable smartphone designed to resemble a classic flip-phone? The hinge design of the Moto Razr is probably the most interesting thing about it. The best Samsung can currently do in the foldables space is the Galaxy Fold, which, thanks […]
After years of poorly-received MacBook Pro models, Apple’s new sixteen-inch model has a lot riding on it.
Here’s an ad from Hikvision, the worlds’ largest security camera company, boasting of its products’ utility in detecting people’s ethnicity. James Vincent writes that it “speaks volumes about the brutal simplicity of the techno-surveillance state.” [via @CharlesRollet1, who points to an archived webpage that details the “Uyghur detection” feature]
Need a boost on that resume? Get a valuable tech education on your own time with these eBook bundles. They contain guides from Packt Publishing that cover everything from game development to machine learning. The Complete Mobile App Developer eBook Bundle It’s a veritable gold rush in the App Store these days. Get in on […]
Vinyl is officially back. People are hearing the proof behind the initial “retro” excitement: that records really do have a richer sound. And if you haven’t switched to old-school records for serious listening, it’s a new golden age. Why? Because quality turntables like the Altec Lansing ALT-500 are finally available to a market other than […]
Between all of our apps, streaming devices, Bluetooth speakers, and energy-sucking decorations, paying for utilities each month can be…brutal. In fact, the average household spends roughly $70 a month on the water bill alone. That number might not seem terribly significant, but when you add it up, that’s $840 a year — a pretty significant […]