Posted on 10/24/2018 8:19:53 AM PDT by DUMBGRUNT
As every schoolchild knows, some sorts of mathematics are harder than others...
Factorising numbers into their constituent primes may sound esoteric, but the one-way nature of the problem—and of some other, closely related mathematical tasks—is the foundation on which much modern encryption rests.
...The only catch was that for large numbers his method—dubbed Shor’s algorithm—needs a quantum computer to work.
...One question is, when is the deadline? When will an internet-breaking computer actually be available?...
(Excerpt) Read more at economist.com ...
Fixing things will be tricky.
Time to start stocking up on liquid nitrogen?
And maybe you thought the bitcoin miners had some high-zoot hardware?
Q is missing.
So it’s not a Q thread?
There’s not enough computing power on the planet that thwart the Block Chain technology behind Bit Coin and other cryptocurrencies (that’s a fact).
True, right now. However, quantum computing could instantly change that fact.
Just use a quantum computer to create new encryption.
Block Chain technology behind Bit Coin and other cryptocurrencies .
A chain is only as strong as the weakest link,(that’s a fact). How much did Mt Gox lose?
No not the ‘chain’ that was hacked.
“Why is it that when one man builds a wall, the next man immediately needs to know what’s on the other side?”
Just use a quantum computer to create new encryption.
On the plus side, I HATE PASSWORDS!
Could be the end of passwords?
I tried a fingerprint reader on my workstation, until one of my buds ask, what if you cut your finger?
Still new in the box and on the shelf!
Yes, I know the old way still works... and I still hate it!
I don’t believe in that Q stuff!
The chain wasn’t hacked, that is correct. You’d have to go back to the Genesis block and recalc/solve/prove every packet, not possible.
The wonder is why crypto platforms that hold your actual crypto balances aren’t using block chain to store the amounts of each currency?
From the article:
For example, in 1996 researchers reported the first weaknesses in md5, a type of widely used cryptographic algorithm called a hash function. A drop-in replacement was readily available in the form of another algorithm called sha-1. After more than two decades of exhortations to upgrade, though—not to mention high-profile cyber-attacks exploiting md5’s weaknesses—the older algorithm is often still used.
I would point out that a default configuration of Microsoft Active Directory uses an un-salted MD5 hash of the passwords. So if a domain is using such an AD configuration, and a hacker is able to capture a log in sequence, the hash of the password is transmitted. The hacker can then OFFLINE crack that password.
I have built a custom cracking rig for my company and we offer a service called PASS that tests the strength of passwords. To give you and idea of the performance, against a target set of 2,000 accounts in the AD, we tested 2.1 billion passwords that we scraped from the darkweb in less than 5 minutes. When testing our client’s AD accounts, we normally have a success rate of 20 to 25% for guessing passwords.
You may want to consider replacing AD with OpenLDAP and used the crypt or salted SHA hash to protect passwords. However, be aware that migrating from AD to OpenLDAP is a significant project.
Ours are safe because they're based on old, non-networked computers using 8 inch floppy disk drives!
How do you brute-force a password if the software includes a "three strikes and you're out" feature?
How truly safe is a password if the system dictator administrator requires it to be so long and convoluted (must have capital, must have special character, must be 10 digits, must be changed monthly, must not be similar to the previous 10 passwords, etc.,) that the user must write it down on a Post-it stuck to their monitor?
The quantum computer runs on Windows 10 and no one knows what it might be capable of, since it has been installing updates since it was turned on.
I dont need the software to be present. I capture the transmission of the password by either sniffing the wire or capturing the WIFI traffic. Once I have that hash, I dont need the software to crack the password.
NIST recommends that secure passwords be a minimum of 14 characters.... so stop thinking of passWORDS and start using passPHRASES
“I love the Rockies!”
change the o to 0
Now becomess:
“I l0ve the R0ckies!”
19 characters / Capitals / lower case / numbers / special characters
TWO THUMBS UP!
Mostly I run Linux, but a few applications require Win 10.
So I dual boot with a mostly empty Win partition.
After a major Win update a few months back, it would NOT accept my password.
I settled on doing a system restore, Should be quick?
No, it was not!
Probably a bazillion others also doing a restore.
I have not clicked on the Win partition since, and I’m not a Microsoft hater, but I now could be swayed.
Hey! That's the same password as my luggage!
Sorry, no spaces allowed, so it becomes "Il0vetheR0ckies!" and it's a passWORD again.
Again, you may be concerned with your one system, but as a user, I literally have hundreds of usernames and passwords for websites that I must keep track of, and each one has a different set of rules for the strength of the password.
Some of the password rules have become so convoluted that even your example may not pass muster.
How do I keep track of so many passwords and usernames? Two choices: Either trust another app that automatically stores your usernames and passwords for you (HA, bloody HA,) or write them down.
So the illusion of security is a 14 digit password that contains at least one capital, one lower case, one number, and one special character. The reality is that all of those passwords are written down, and can easily be discovered through old fashioned social engineering.
Remember how Ferris Bueller changed his grades?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.