Hello guest!
Compare latest consoles like Playstation 2, Xbox 360 Or PC Games & more.
Playstation 3: Great For Cracking Passwords
Playstation 3: Great For Cracking Passwords
Last updated on November 30, 2007 - 20:32.
In case you're already bored with Linux, cancer research and gravitational physics, here's a fourth reason to own a PS3: According to a recent talk held at the Kiwicon 2k7 security conference in Wellington, New Zealand, Sony's box does a terrific job in brute force password cracking as far as Microsoft Office, PDF, ZIP or Lotus Notes ID are concerned.
Eight-character 'strong' passwords can be broken in a couple of days whereas before it would take weeks.
--Nick "Tmasky" Breese via theage.com.au
But it gets better: With optimized code, Nick Breese, who is a gamer himself, manages to achieve impressive results on the PS3, when compared to an Intel Core 2 Duo:
[...] When implementing an md5 algorithm on a Core 2 Duo scalar processor, he was able to run through around eight million iterations of the checksum in a second.By optimising some code on the Playstation 3, which uses vector-based processing, his new figure was closer to 1.4 billion iterations a second.
--techtarget.com.au
— 
—
Last updated on November 30, 2007 - 20:32
97 points
Advertisment_Rightbar_Standard
Story Contributions By
— Jan
Story Tags
Delicious
Digg
Reddit
Newsvine
Facebook
Technorati
Do you want to do more than just read news or articles about games? Then join the GamersGlobal community today and grow from "User" to "Editor"! Together with our professional journalists, you'll be part of an accurate, high-quality, up-to-date gaming website. It's easy, it's free, it's fun -- so join us now to:
Vote
Publish
Co-op
Level
User created content, unless stated otherwise, is licensed under a
Creative Commons Attribution 2.0 Germany License. All other copyrights remain with their respective owners.
I guess the assumption here is that only certain letters are used for passwords, right? At least in my calculator the math doesn't add up with a full ascii-set.
255^8=17.878.103.347.812.890.625 (number of combinations for every possible char in a 8-character-password)
if you divide that through said 1.4 billion combinations per second and divide again through 86.400 (seconds in a day), I end up with a result of ~152,025.
And 152 Days is far from "a couple of days".
If I do the same math with only a-z; A-Z and 0-9 (62^8), then I end up with ~1.8 Days.
I guess the moral of the story is, it's always a good idea to use umlauts, French or Spanish letters (or similar) in your passwords.
Or maybe my math is flawed, happens to me all the time, in that case let me know.
Adding spelling errors to you password is commonly a good idea as well.
I believe your calculation with the 152 days is correct. If you look at the source article, you'll see that the "couple of days" refers to "passwords protecting Office, PDF, ZIP and Lotus Notes ID files", and that you would need "a thousand PlayStations" to crack "an eight-character Linux password in a few days."
So the news is perhaps slightly misleading. ;)
more interesting I guess is, how many Playstations would you need to crack a wooden door?
5
5
Yeah, 5
Is that some kind of security-thingy, or are we talking literal doors here? ;)
hmm, dunno. why 5?
I don't get it, too. I'm interested in why "exactly" 5 ?
And with "wooden door" we get a similar specification problem as in the original exercise: what type of wood, how thick is the door, etc.
But just answering 5 made me laugh - so don't take this one too seriously.
I've added that it mainly concerns Office, PDF, ZIP and Lotus Notes ID passwords. Thanks for the input and sorry about the confusion!
according to wiki, ASCII only has 128 signs
and you use only 95
you wouldn't use all the funny signs for a PW anyway. If I am in france, I would like to enter my password without asking the guy where the "~" is :)
I give you that, but we weren't discussing convenient passwords, I was talking about potential passwords. And the whole point of the exercise was to point out that they didn't specify which character-range was used, which gave the impression (maybe not by mistake) that they were talking about any given 8-character-password, which is simple not true.