1 posted on
07/22/2003 8:38:29 PM PDT by
Timesink
To: Timesink
Great News! [sarc]
2 posted on
07/22/2003 8:45:14 PM PDT by
Cold Heat
(Negotiate!! .............(((Blam!.)))........... "Now who else wants to negotiate?")
To: Bush2000
...
4 posted on
07/22/2003 8:53:48 PM PDT by
Jhoffa_
(For the clueless: Conservatives DO NOT believe in "subsidized" drugs.)
To: Timesink
This would be more useful if I knew what a "lanmanager hash" was. They want information from me that I don't even have, let alone am willing to give out. So what's the catch - you give them a code, they decode it for you?
5 posted on
07/22/2003 8:54:07 PM PDT by
meyer
To: Timesink
This is almost completely useless as an exploit.
6 posted on
07/22/2003 8:55:12 PM PDT by
general_re
(The wheel is turning but the hamster is dead.)
To: Timesink
Oh please. All you need is the emergency boot disk to have access to the whole Windows system sans password.
8 posted on
07/22/2003 9:15:24 PM PDT by
Southack
(Media bias means that Castro won't be punished for Cuban war crimes against Black Angolans in Africa)
To: Timesink
This isn't an exploit. It's a cute sophomore computer science programming exercise.
9 posted on
07/22/2003 9:19:32 PM PDT by
Ramius
To: Timesink
Assuming the numbers in the article...
This only speeds things up by a factor of 10,000, so a brute-force attack would only take about 14 hours. That may seem much longer but a password that can be brute-force cracked in 14 hours stinks big time And since the attacks can be done away from the target computer, what's the hurry?
Salting passwords does slow down the storage/time tradeoff attacks, but does zilch against the brute-force attack - the same password still takes only 14 hours to crack against Unix.
Does anyone know how much salt Unix uses these days? It believe it used to be only 12 bits. If that is the case now, 12 bits of salt only retard things by a factor of 4096. That could be a crack in 6 hours instead of 5 seconds with the same storage, a crack in 5 seconds with about 4000 GB, or a crack in 100 seconds with only about 200GB.
There is no technology to make a short password secure. Use a long password whether or not they make you.
bump
71 posted on
07/22/2003 11:12:28 PM PDT by
amarok
To: Timesink
We have implemented an online demo of this method which cracks alphanumerical passwords in 5 seconds average Except we only allow 3 bad passwords in a row. Sorry
75 posted on
07/23/2003 4:29:05 AM PDT by
AppyPappy
(If You're Not A Part Of The Solution, There's Good Money To Be Made In Prolonging The Problem.)
To: Timesink
Does this mean my wife will be able to find my porn?
Techies, anyone?
To: Timesink
bttt
92 posted on
07/23/2003 1:39:47 PM PDT by
tutstar
To: Timesink
Dude, that's some powerful hash!
93 posted on
07/23/2003 1:43:06 PM PDT by
jriemer
(We are a Republic not a Democracy)
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson