Security Ledger reports on a breakthrough in password-cracking, using 25 graphics cards in parallel to churn through astounding quantities of password possibilities in unheard-of timescales. It's the truly the end of the line for passwords protected by older hashing algorithms and illustrates neatly how yesterday's "password that would take millions of years to break" is this year's "password broken in an afternoon," and has profound implications for the sort of password hash-dumps we've seen in the past two years.
A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here), has moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five, 4U servers equipped with 25 AMD Radeon GPUs and communicating at 10 Gbps and 20 Gbps over Infiniband switched fabric.
Gosney’s system elevates password cracking to the next level, and effectively renders even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete.
In a test, the researcher’s system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14 character Windows XP password hashed using NTLM (NT Lan Manager), for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
New 25 GPU Monster Devours Passwords In Seconds [Security Ledger]
To my delight and awe, I have discovered a whole, new-to-me universe of "realistic flame" effect LED lightbulbs, which produce the illusion that you have a goblet of raging flame sticking out of your lightsocket: the bulbs come in a wide variety of shapes and sizes (and can also be had in fanciful colors, for […]
A couple of years ago, I was asked if I’d like to review the reMarkable tablet. If you’re unfamiliar with it, the reMarkable is an E Ink slate and pen solution that provides a digital note taking and sketching solution that feels eerily close to writing on paper. I was excited to take it for […]
Samsung’s latest phones have a “portrait” mode that cleverly fakes the look of a shot taken with a fancy lens on a full-frame sensor. But a picture they used as an example in an ad turns out to be a stock photo taken with a high-end DLSR. Moreover, the photographer, Dunja Djudjic, has a blog […]
For the true audio enthusiast, there’s a lot of difference between putting on some songs “for background music” and a true listening experience. For the latter, there’s nothing like a pair of sturdy headphones and the powerful speakers that come with them. And the wireless variety doesn’t get much more powerful than the TREBLAB Z2 […]
Digital or analog, there’s a path of least resistance for any project. Finding that path is what the Agile methodology is all about, which is why proficiency in it is a must for any project management position – and the paycheck that comes with it. And the quickest path to learning Agile? The Agile Project […]
Everybody’s flown a paper airplane. But what if you could fly on a paper airplane? Until we invent shrink-ray technology, the PowerUp X FPV Video Paper Airplane Kit will have to do – but it’s as fun as that sounds and more. The original version of this creative toy added drone tech to the old, […]