GPUs Used To Crack WiFi Passwords Faster

← Back to Stories (view on slashdot.org)

GPUs Used To Crack WiFi Passwords Faster

Posted by ryuzaki0 on Thursday January 15, 2009 @01:43AM from the security-tools-yeah-right dept.

MojoKid writes "Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a 'proprietary GPU acceleration technology,' which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to 'audit' wireless network security."

189 comments

Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 01:46 · Score: 2, Interesting

But brute force-password guessing isn't a problem if you a choose a long enough password with a large enough character set - letters, numbers, symbols. My WPA password is larger than 15 characters. Good luck without a Beowulf cluster of those -- and even then, it better have a LOT of those GPUs.

--
My blog
1. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 01:50 · Score: 5, Informative
  
  My WPA password is larger than 15 characters.
  Isn't best practice greater than 32 for WPA? The maximum is 63 I believe.
2. Re:Brute-force password guessing not a problem by sakdoctor · 2009-01-15 01:51 · Score: 2, Interesting
  
  Since you generally never have to type a WPA key in, might as well go for maximum entropy.
  https://www.grc.com/passwords.htm
3. Re:Brute-force password guessing not a problem by Spazztastic · 2009-01-15 01:57 · Score: 4, Informative
  
  Since you generally never have to type a WPA key in, might as well go for maximum entropy.
  https://www.grc.com/passwords.htm
  Or not even using something that is transmitted over the internet and is TRULY random:
  
  dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  Credits go to someone from the Stupid (Useful) Linux tricks thread.
  
  --
  Posts not to be taken literally. Almost everything is sarcasm.
4. Re:Brute-force password guessing not a problem by Shakrai · 2009-01-15 01:58 · Score: 4, Informative
  
  I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords? How do you know they are generating them with real entropy?
  Diceware is a better bet, IMHO. You can generate them offline and with a good set of dice you get real entropy. You can use the instructions on that webpage to generate totally random passwords or to generate passwords with words in them that are easy to remember but still pretty secure/random.
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
5. Re:Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 01:59 · Score: 2
  
  I hadn't heard that, but a totally random 63 character password would be ideal, yes. Note that I didn't say how much greater it is than 15. ;) But anything over 15 characters is probably secure enough for most home users.
  
  --
  My blog
6. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 02:07 · Score: 2, Insightful
  
  Not to be picky but you would need to use /dev/random and have enough entropy to make this TRULY random (assuming we live in a non-deterministic universe).
7. Re:Brute-force password guessing not a problem by jellomizer · 2009-01-15 02:09 · Score: 2, Informative
  
  guessmypassword
  123456789111111
  012345
  isn't a good password.
  Most Brute Force attacks are a little smarter then 1,2,3,.....,ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
  Lets go threw the dictionary first (Caps on, Caps Off and caps with the first letter and without it).
  Lets go threw the dictionary and followed by numbers between 0,99999999
  Do the same with the numbers prefix the dictionary word.
  Try Numeric Combinations.
  Try Alpha Combinations.
  Finally try everything else.
  So by adding More CPU's You can crack most passwords in usable order of magnitude faster.
  All the GPU is really doing is just working as an addition processor array for calculations. No big deal everyone though about using them for parallel processing once they got near the power of most CPUs.
  It is just using them for evil purpose.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
8. Re:Brute-force password guessing not a problem by AlXtreme · 2009-01-15 02:10 · Score: 2, Informative
  
  Or not even using something that is transmitted over the internet and is TRULY pseudorandom:
  There, fixed that for you.
  
  --
  This sig is intentionally left blank
9. Re:Brute-force password guessing not a problem by Shakrai · 2009-01-15 02:11 · Score: 3, Insightful
  
  But anything over 15 characters is probably secure enough for most home users.
  15 characters using the full set of letters/numbers/symbols on your keyboard works out to ~98 bits of entropy. That's probably sufficient. I usually use at least 20 characters (~131 bits) but that's probably just my paranoia. If you are worried about somebody breaking a password that secure then you have bigger problems than your neighbor using your wi-fi connection. In this case I hope you are paying your team of armed guards well and trust that they won't betray you ;)
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
10. Re:Brute-force password guessing not a problem by necro81 · 2009-01-15 02:16 · Score: 2, Insightful
  
  I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords? How do you know they are generating them with real entropy?
  
  If you are worried about it, but still don't want (or for some reason, can't) generate a random character string locally, you could always have the website generate several passwords, then combine them yourself in some random way. For instance, you could swap blocks from each string, or reverse the order of one of them and XOR the characters together.
11. Re:Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 02:25 · Score: 1
  
  In this case I hope you are paying your team of armed guards well and trust that they won't betray you ;)
  I have a mote populated with sharks -- with friggin' LASER BEAMS attached to their heads!
  
  --
  My blog
12. Re:Brute-force password guessing not a problem by kj_kabaje · 2009-01-15 02:27 · Score: 1
  
  "cleftcamsynodlacyyr" How did they guess my PASSWORD!!??!
13. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 02:32 · Score: 0
  
  GP surely meant /dev/random, which is a proper non-pseudo RNG.
14. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 02:37 · Score: 0
  
  I dont' have a reference but the problem is that each character in a WPA passphrase doesn't add 8 bits to the key. I think it only adds 2 or 3. This is why you need longer passphrases.
15. Re:Brute-force password guessing not a problem by thornomad · 2009-01-15 02:37 · Score: 0
  
  dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  This didn't work on my mac *frown*. I got an error: tr: Illegal byte sequence
  Is tr different on the mac than linux?
16. Re:Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 02:38 · Score: 2, Interesting
  
  Assuming you have it compiled into kernel, yes. (Most modern distros do)
  
  --
  My blog
17. Re:Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 02:42 · Score: 1
  
  guessmypassword
  123456789111111
  012345
  isn't a good password.
  That's why you gotta read my whole post -- you need letters, numbers and symbols. Mixed case also. My password is also not based on a dictionary word and means something only to me.
  
  --
  My blog
18. Re:Brute-force password guessing not a problem by MasterOfMagic · 2009-01-15 02:46 · Score: 2, Informative
  
  Take anything that Steve Gibson claims with at least a grain of salt, preferably a whole shaker.
  This is the same person that flat out accused Microsoft of putting the WMF exploit in Windows purposely so they'd have a way to get into any system. He had to backpeddal quickly from that claim.
  Pardon me if I don't trust his judgment or his code.
19. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 02:51 · Score: 2, Funny
  
  Lets go threw the dictionary first ...
  Lets go threw the dictionary and ...
  Please quit throwing dictionaries. Those things are heavy and they hurt.
20. Re:Brute-force password guessing not a problem by radish · 2009-01-15 02:54 · Score: 2, Insightful
  
  For something like a WPA passphrase (it's not really the key) the actual amount of "randomness" isn't important provided whatever you use isn't in whatever dictionary the attacker is using. Once the dictionary attack is exhausted they're going to have to move onto simple one-by-one testing, and being "more random" or "less random" has no real meaning. Eventually they'll hit the right one, it's just a matter of how long that takes, which is a matter of luck and what order they test them in :)
  
  --
  ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
21. Re:Brute-force password guessing not a problem by morgan_greywolf · 2009-01-15 03:07 · Score: 1
  
  Well, you're right. Here's your reference. Each character provides about 2.5 bits of security:
  
  How the PSK is used in WPA and 802.11i
  The PSK provides an easily implemented alternative for the PMK as compared to using 802.1X to generate a PMK. A 256bit PSK is used directly as the PMK. When the PSK is a passphrase, the PMK is derived from the passphrase as follows:
  PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)
  Where the PBKDF2 method is from PKCS #5 v2.0: Password-based Cryptography Standard. This means that the concatenated string of the passphrase, SSID, and the SSIDlength is hashed 4096 times to generate a value of 256 bits. The lengths of the passphrase and the SSID have little impact on the speed of this operation.
  The PTK is a keyed-HMAC function using the PMK on the two MAC addresses and the two nonces from the first two packets of the 4-Way Handshake. This is why the whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable.
  However, even using an offline attack, this article's author still says a PSK of about 20 characters should be enough for most purposes. I tend to agree.
  
  --
  My blog
22. Re:Brute-force password guessing not a problem by rob1980 · 2009-01-15 03:07 · Score: 1
  
  I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords?
  
  To what end, though? Gibson is probably too busy trying to scare everybody with latest_security_hole_02782 to bother to hack into your wireless router anyway.
23. Re:Brute-force password guessing not a problem by XcepticZP · 2009-01-15 03:09 · Score: 1
  
  You can go "through" a dictionary. That's probably what you meant to write.
  
  But then again, English has some really awkward words and pronunciations.
  
  Me thinks we need English 2.0 to come out soon. English 1.0 is way too ambiguous.
24. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 03:12 · Score: 0
  
  ... also, the contraction of 'let us' uses an apostrophe.
25. Re:Brute-force password guessing not a problem by ShieldW0lf · 2009-01-15 03:15 · Score: 4, Insightful
  
  Maybe I'm dense, but how the hell does flooding a wireless card with brute force dictionary attacks bottleneck on computation speed? You create your dictionary, once, you stick it on a hard drive, you stream it at your target through the wireless networking card, you wait.
  This product seems like a bunch of bullshit to me. Even if they did come up with some particularly clever algorithm for creating more effective dictionaries and speed it up GPUs, there's no need to recreate a dictionary every time you're doing a brute force attack.
  
  --
  -1 Uncomfortable Truth
26. Re:Brute-force password guessing not a problem by evanbd · 2009-01-15 03:16 · Score: 1
  
  If you're worried about the source or transmission channel being compromised (or malicious) you've just inserted *several* bits of entropy. A good password needs 64 bits or more if you want to protect against this sort of attack. A presumed compromised source of random data supplies zero bits of entropy. This is really something you need to do on your own machine, if not manually. Rolling dice just isn't that hard.
27. Re:Brute-force password guessing not a problem by evanbd · 2009-01-15 03:20 · Score: 1
  
  Modern guessers start modifying the dictionary and evaluating things in a prioritized order based on how far away they are from it. Until your password bears no visible relationship to the dictionary, you're too close; it's not just a simple in vs out question. If you care about your password, you need to make a serious evaluation of how many bits of entropy it contains, and assume the attacker can guess in a priority order that will limit its effectiveness to that many bits. If you only have 30 bits of entropy, you should assume your attacker can guess it in half a billion tries or so; making assumptions that he'll be inefficient is a *bad* idea.
28. Re:Brute-force password guessing not a problem by sholsinger · 2009-01-15 03:25 · Score: 1
  
  I guess the idea is that you don't have to wait as long. Which to some people is probably worth something. (time? money?)
  If it is really being used to audit your passwords, then time is important. The auditor has other places to be, and other things to do. So waiting for the brute force attack to go through is just non-value-added. So reducing that time is important.
29. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 03:26 · Score: 0
  
  I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords?
  To what end, though?
  Step 1: Distribute incredibly complex passwords to paranoid users looking to thwart brute force attacks.
  Step 2: Add all generated passwords to your brute force library.
  Step 3: Profit until someone drags out an old meme and exposes your diabolical scheme!
30. Re:Brute-force password guessing not a problem by buchner.johannes · 2009-01-15 03:27 · Score: 4, Funny
  
  dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  Don't use that, I use that as a password already!
  
  --
  NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
31. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 03:29 · Score: 0
  
  He also thought that WinXP shipping with raw sockets was going to be the end of the interwebs due to DDoS bots having more power now.
32. Re:Brute-force password guessing not a problem by wastedlife · 2009-01-15 03:31 · Score: 5, Informative
  
  From the product website:
  
  Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being probed, by analyzing a dump of network communications in order to attempt to retrieve the original WPA/WPA2-PSK passwords in plain text.
  TFA is misunderstanding the way the app functions, it listens to the network until a certain amount of information has been sent, then attempts to decrypt that data locally. Sending wave after wave of login attempts is easily detectable and would almost certainly bottleneck somewhere at the network level before CPU.
  
  --
  Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
33. Re:Brute-force password guessing not a problem by gsgriffin · 2009-01-15 03:46 · Score: 1
  
  You're exactly right, and I have the same thoughts. The wireless signal, at best an 'n', is never going to bottleneck a regular Pentium 4. Even if they are talking about combining words from the dictionary, that is not a lot of processing power. The only difference could be if the article is written wrong, and they are actually trying to take the encryption from an intercepted wireless singal and decode it into words from the dictionary. Then they are decoding and trying variation from the dictionary that might fit the encryption pattern.
  
  --
  jsut athnoer menagiensls ltitle psrhae for you to dcoede. Why do we wtsae our tmie dnoig tihs?
34. Re:Brute-force password guessing not a problem by hannson · 2009-01-15 03:48 · Score: 1
  
  One thought about password cracking.
  
  Isn't the collision of the cypher one attack vector in brute force cracking?
  
  I allowed my friend to test his brute force attack on my computer once, he didn't get the password but got another that gave the same hash.
35. Re:Brute-force password guessing not a problem by radish · 2009-01-15 03:59 · Score: 1
  
  Oh I agree, I think maybe I wasn't clear. Obviously your password has to look *nothing* like anything in the dictionary, that's a given. I was just saying that using one prng vs another slightly more random one won't make a lot of difference. You don't need a cryptographically strong rng for generating a passphrase.
  
  --
  ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
36. Re:Brute-force password guessing not a problem by chill · 2009-01-15 04:07 · Score: 1
  
  Who are you really and what type of stunt are you trying to pull here!
  chill@E520:~$ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  0+1 records in
  0+1 records out
  8 bytes (8 B) copied, 5.73129 s, 0.0 kB/s
  P
  chill@E520:~$
  chill@E520:~$ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  0+1 records in
  0+1 records out
  8 bytes (8 B) copied, 4.90066 s, 0.0 kB/s
  Qd
  A password of "P"?! Or a password of "Qd"?!!
  [Okay, for those that don't get the humor. The dd command generates 200 binary bytes of random data and the tr command strips out the valid password characters. Since the source is random, there will be a random number of valid characters in the stream. In those two examples, all that was generated as valid was "P" and "Qd". Earlier runs for me generated 50+ character valid passwords. WPA's limit is 63 character password length, so I suggest multiple runs and paste a couple together to get all 63 characters.]
  
  --
  Learning HOW to think is more important than learning WHAT to think.
37. Re:Brute-force password guessing not a problem by citizenr · 2009-01-15 04:08 · Score: 1
  
  it listens to the network until a certain amount of information has been sent
  no, it listens for certain KIND of information to be send, particularly association. In order to get that info you just have to disconnect a client, sniff for 5 seconds and go home.
  
  --
  Who logs in to gdm? Not I, said the duck.
38. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 04:09 · Score: 0
  
  A mote? You might want to replace that with a moat. Far more effective.
39. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 04:14 · Score: 0
  
  Also, this is better (No need of dd messages no?)
  dd if=/dev/urandom bs=200 count=1 2>/dev/null | tr -cd 'A-Za-z0-9!@#$%^&*()_+';echo
40. Re:Brute-force password guessing not a problem by thePowerOfGrayskull · 2009-01-15 04:18 · Score: 1
  
  Me thinks we need English 2.0 to come out soon. English 1.0 is way too ambiguous.
  what r u saying? thru it all it has ben here always. u just need to see it
41. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 04:32 · Score: 1, Informative
  
  It's an offline attack. You passively capture the key exchange between AP and client and then try to find the password which decrypts it. The last step involves lots of independent computationally intensive calculations, so it benefits from a faster processor or a multicore system like a GPU. A rainbow table ("create your dictionary once") is not an option because the interaction is salted (that's also why you need the key exchange packets, not some random packets after the key exchange). This really is a brute-force/dictionary attack, not a vulnerability of the protocol, so if your password is long and random, you have nothing to worry about, for now.
42. Re:Brute-force password guessing not a problem by SBrach · 2009-01-15 04:36 · Score: 1
  
  Generate 63 random chars. Put on CD. Setup Wi-Fi once on each PC using the CD. Lock the CD in your safe.
43. Re:Brute-force password guessing not a problem by Bert64 · 2009-01-15 04:40 · Score: 1
  
  And MS removed raw socket support from SP2.... If it was insignificant, why did they bother removing it?
  
  --
  http://spamdecoy.net - free throwaway anonymous email - avoid spam!
44. Re:Brute-force password guessing not a problem by Cythrawl · 2009-01-15 04:47 · Score: 0
  
  Or just generate one from here: https://www.grc.com/passwords.htm - I have the same password I generated for around 2 years now, no-one has hacked into it (WPA) and I have it on my Pen Drive as a text file if another computer wants to connect to the wireless, I have to physically set it up so it can get on... Really simple.
45. Re:Brute-force password guessing not a problem by PsyciatricHelp · 2009-01-15 04:48 · Score: 1
  
  Nothing is random!
46. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 04:50 · Score: 0
  
  It's not nearly 98 bits of entropy since WPA passphrases only add 2 or 3 bits per character.
47. Re:Brute-force password guessing not a problem by Nutria · 2009-01-15 04:54 · Score: 1
  
  The dd command generates 200 binary bytes of random data and the tr command strips out the valid password characters.
  So you'd think. But it works for me...
  
  $ dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  1+0 records in
  1+0 records out
  200 bytes (200 B) copied, 0.000290517 s, 688 kB/s
  N2^YH+085R!PwMC0VinHSsFP+Zf#GKoyyG#Fs)%QFl9$YOjz$%85dD
  
  --
  "I don't know, therefore Aliens" Wafflebox1
48. Re:Brute-force password guessing not a problem by chill · 2009-01-15 04:57 · Score: 1
  
  Ummmm... you missed my comment about random didn't you. The length output by the command is random. Run it 10 times and see what you get.
  Oh, and change the "/dev/urandom" to "/dev/random" for true randomness.
  
  --
  Learning HOW to think is more important than learning WHAT to think.
49. Re:Brute-force password guessing not a problem by dubbreak · 2009-01-15 04:57 · Score: 3, Funny
  
  You can generate them offline and with a good set of dice you get real entropy.
  I think we have a different definition of "good set of dice". My set of dice are "good" if they roll 20's consistently.
  
  --
  "If you are going through hell, keep going." - Winston Churchill
50. Re:Brute-force password guessing not a problem by Nutria · 2009-01-15 04:59 · Score: 1
  
  Nothing is random!
  Except quantum mechanics. You know, Schrödinger's Cat...
  
  --
  "I don't know, therefore Aliens" Wafflebox1
51. Re:Brute-force password guessing not a problem by Cythrawl · 2009-01-15 05:12 · Score: 0
  
  I posted the same link - Now my post is going tot be marked redundant... Doh... The only time that becomes a pain is when you try setting up something like a Wii to it. The only sure fire way is to print it, and get someone to read it character by character and input it into the Wii... Once its in though, you are golden..
52. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 05:15 · Score: 0
  
  Since you generally never have to type a WPA key in
  Incorrectamundo. Got a Roku box a few months ago, and instantly regretted my super-133t extra long WPA2 password.
  To enable wireless networking on the Roku, you have to enter your password using the remote, which means using navigation keys on a virtual keyboard.
  Sigh.
53. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 05:19 · Score: 0
  
  Slight variation I did just because(because I'm lazy, I don't feel like running it multiple times, and it's my computer I can do what I want):
  dd if=/dev/urandom bs=1024 count=10 2>/dev/null | tr -cd 'A-Za-z0-9!@#$%^&*()_+' | dd bs=58 count=1 2>/dev/null ; echo
  so I can say how long I want it to begin with
  (maybe play with the bs and count in the initial dd depending. Yeah it may be wasteful but give it enough stuff it'll work)
  bs in the second for the length desired, and I'm hoping with the 1024*10 bytes into the tr command that at least(58 in this case) can be found).
  Hmm, maybe that 1024*10 is a tad much. Ran it 1000 times (tr output piped into wc -c each time). Got a min of 2820, max of 3111, and an average of about 2960.
  1024*1? Min: 254, Max: 341, Average: 296
  256*1? Min: 50, Max: 102, Average: 74.
  Eh, people can play with it.
54. Re:Brute-force password guessing not a problem by Sancho · 2009-01-15 05:19 · Score: 1
  
  Worked on mine. Did you type it in correctly?
  
  $ dd if=/dev/urandom bs=200 count=1 | tr -c -d 'A-Za-z0-9!@#$%^&*()_+'; echo
  1+0 records in
  1+0 records out
  200 bytes transferred in 0.000050 secs (3994575 bytes/sec)
  (+ori4d@f5Fvea_g0wOj2c(brCJo1y*!rQlve_kuDjFKYrqm7Fh#s#DfvJ
55. Re:Brute-force password guessing not a problem by thornomad · 2009-01-15 05:52 · Score: 1
  
  Hmm ... I copied and pasted ... I didn't separate out the two options as you indicated thought: -c and -d ... maybe I will try it again with that at home.
56. Re:Brute-force password guessing not a problem by RiotingPacifist · 2009-01-15 05:56 · Score: 1
  
  /dev/random is the reason you were getting short keys.
  using /dev/urandom about 50 times didnt give any short keys
  if you insist on using /dev/random, not really much point as you can just change your keys if the algorithm is found wanting, then you have to check that there is enough entropy "cat /proc/sys/kernel/random/entropy_avail" before you run it
  
  --
  IranAir Flight 655 never forget!
57. Re:Brute-force password guessing not a problem by Sancho · 2009-01-15 05:56 · Score: 1
  
  I tried that after reading the man page--I'll admit, I didn't try -cd together.
58. Re:Brute-force password guessing not a problem by MrChips · 2009-01-15 05:59 · Score: 1
  
  A little more efficient and easier to type:
  
  head -c 15 /dev/random |base64
59. Re:Brute-force password guessing not a problem by skeeto · 2009-01-15 06:05 · Score: 1
  
  No organization on earth is going to be able to brute force a 15 character password (over 98 bits as you mention) made of randomly generated printable ASCII characters. Not for decades.
  Even brute forcing 8 characters (over 52 bits) would require a modestly funded organization. Breaking your WPA key just wouldn't be worth the thousands of dollars to do it. It would be much easier to pick your locks while you are away at work and read the key directly from the router's memory.
  32 randomly generated printable ASCII characters is completely unnecessary. It would be a big hassle for no security gain.
60. Re:Brute-force password guessing not a problem by RiotingPacifist · 2009-01-15 06:05 · Score: 1
  
  Or not even using something that is transmitted over the internet and is partly pseudorandom:
  There, fixed that for you.
  AFAIK, ive only read a few mans here, but urandom will use all the random avalible in random iff it runs out it will use the PRNG to extend it so both of you are wrong
  
  --
  IranAir Flight 655 never forget!
61. Re:Brute-force password guessing not a problem by secPM_MS · 2009-01-15 06:20 · Score: 1
  
  Strong passwords / keys for WPA is not much of a burden. You only have to enter the damm things once. I use a random 32 character hex string as my key. I wrote it down and stored it in a known location. I also have it stored in an old USB drive in a text file. I have to enter it far more than most people, as I dogfood WIndows releases, flattening my notebook each time. Thus I have to reinitialize it for my home WPA network each time I rebuild it. I am not worrying about brute force attacks against 128 bit key values.
62. Re:Brute-force password guessing not a problem by hesaigo999ca · 2009-01-15 06:33 · Score: 1
  
  I thought that was the point, it IS like a small boewulf cluster ....of 3
63. Re:Brute-force password guessing not a problem by cbiltcliffe · 2009-01-15 06:40 · Score: 2, Interesting
  
  Your last guess is pretty close.
  You intercept a few packets of data from the wireless network and save them. Then, you bugger off to your evil lair, and set about trying to crack them with your dictionary list.
  But the algorithm that WPA uses is non-reversible. It's also run 4096 times.
  So to crack it, you take the first line in your dictionary, throw in the network's SSID (this is included for better security. Passphrase: 12345 will hash differently on a network named linksys than it will on a network named dlink), run it through the WPA algorithm the 4096 times, truncate the result at 256 bytes, then compare that 256 bytes to the captured packets.
  If they don't match, go on to the next line in your dictionary.
  If they do match, you've got your passphrase.
  My Athlon64 laptop does just shy of 200 passphrases/second like this. My current audit dictionary is somewhere on the high side of 48 million words.
  Obviously, speeding this up in any way is going to decrease your audit time significantly.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
64. Re:Brute-force password guessing not a problem by Baton+Rogue · 2009-01-15 06:43 · Score: 1
  
  So what do you do about your WiFi enabled phone, or Xbox or PS3 or any device that doesn't have a CDROM drive or text editor to read and copy that file?
65. Re:Brute-force password guessing not a problem by lagomorpha2 · 2009-01-15 06:43 · Score: 1
  
  Is there a version that supports my collection of dice with more than 6 sides?
66. Re:Brute-force password guessing not a problem by cbiltcliffe · 2009-01-15 06:46 · Score: 2, Insightful
  
  I question why the hell anybody needs to have someone/something else generate a random password for them.
  Can't you do it yourself? You've got 5 fingers on 1 hand. You've got a second hand. You've got a keyboard.
  Just go KJNo867f*P7gP*&%o86fv:(O*& for shit's sake.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
67. Re:Brute-force password guessing not a problem by cbiltcliffe · 2009-01-15 06:54 · Score: 1
  
  And somewhere around that time, Amazon.com and eBay.com were DDoSed.
  What's your point?
  He's right. DDoS bots do have more power, now. The Internet also has more power. And the script kiddies that were doing DDoS attacks have now moved on to legitimate jobs, or to writing more insidious malware. In the meantime, large scale DDoS attacks seem to have fallen out of favour with the cracker crowd.
  But, just because it's not being abused currently doesn't mean it's not going to be abused, or can't be abused.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
68. Re:Brute-force password guessing not a problem by Mad+Merlin · 2009-01-15 07:04 · Score: 1
  
  I prefer this:
  
  perl -pe 's/[^[:print:]]//g;' </dev/urandom
  
  --
  Game! - Where the stick is mightier than the sword!
69. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 07:44 · Score: 0
  
  Mine was 32 random chars, but people kept writing it down and leaving the notes all over the place. Now it's ten random chars and they're still complaining that it's too hard to remember. Never mind that you need to enter it only once.
70. Re:Brute-force password guessing not a problem by wastedlife · 2009-01-15 08:25 · Score: 1
  
  You are correct. I was thinking about a type of WEP cracking where the probability of a successful attack increases as more packets are collected. Off to get some more coffee, I haven't had my daily hallucinations yet.
  
  --
  Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
71. Re:Brute-force password guessing not a problem by John+Whitley · 2009-01-15 09:15 · Score: 1
  
  >> dd if=/dev/random bs=200 count=1 | tr -c -d 'A-Za-z0-9!@#$%^&*()_+'; echo1+0 records in
  1+0 records out
  200 bytes transferred in 0.000068 secs (2943371 bytes/sec)
  tr: Illegal byte sequence
  >> printenv LC_CTYPE
  en_US.UTF-8
  >> (export LC_CTYPE=C; dd if=/dev/random bs=200 count=1 | tr -c -d 'A-Za-z0-9!@#$%^&*()_+'; echo)
  1+0 records in
  1+0 records out
  200 bytes transferred in 0.000054 secs (3711773 bytes/sec)
  ntAzlJkArsfaMJXM^0ugwmhHxGiCZ)HVFg@JN4!HOM3tn&pWQ&pu6g
  The default locale values on my US mac are "en_US.UTF-8". Per the tr man page on OS X:
  
  ENVIRONMENT
  The LANG, LC_ALL, LC_CTYPE and LC_COLLATE environment variables affect the execution
  of tr as described in environ(7).
  When LC_CTYPE has a UTF-8 encoding, tr requires that the input byte stream be well-formed UTF-8; not all random byte strings adhere to this. In the working example, I set LC_CTYPE to "C", which one can think of as "binary, with no encoding".
72. Re:Brute-force password guessing not a problem by RR · 2009-01-15 09:27 · Score: 1
  
  Strong passwords / keys for WPA is not much of a burden. You only have to enter the damm things once.
  Strong passphrases ARE a burden. You enter it only once... per device... per OS reinstall. As long as Windows wireless manager doesn't flake out. As more cell phones and such discover the wonders of WiFi, the problem grows worse.
  Even worse, if you are in a small organization, is that you have to enter it on every employee's laptop and iPod. And if you make the passphrase simple enough that ordinary people can enter it themselves, then you have small security time bombs as the ordinary people are not as careful about the password as you are.
  At home, I run my access point without any password. I don't mind a little community "sharing," and AT&T hasn't become evil enough to attack me, yet. Also, in the aforementioned case, I just consider the network "public," with an unusually high barrier to entry.
  Personally, I would prefer EAP-TLS for real security. No more unauthorized clients connecting to my access point, really difficult to sniff anything useful, and the password doesn't have to be global. The password could be as secure as it needs to be on that device, and certificates can be revoked. However, no cheap access point comes with a RADIUS server (sucky Netgear doesn't support RADIUS at all), and installing the certificates is a burden, especially on consumer devices such as the Wii.
  
  --
  Have a nice time.
73. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 09:30 · Score: 0
  
  you capture one handshake, then the attack is performed offline.
74. Re:Brute-force password guessing not a problem by Cramer · 2009-01-15 09:34 · Score: 1
  
  Yeah, that's still "typing in the key", even if it is CTRL-C, CTRL-V. This "method" fails for a great deal of wireless networked hardware... tivo, ps3, xbox, wii, iPhone, IP Phones, ...
75. Re:Brute-force password guessing not a problem by Cramer · 2009-01-15 09:37 · Score: 1
  
  Simple. You aren't flooding anything. The application only needs to LISTEN to the radio traffic to get the few specific packets it needs. At which point it spends the rest of eternity trying the decode those packets using the GPU(s).
76. Re:Brute-force password guessing not a problem by Cramer · 2009-01-15 09:40 · Score: 1
  
  Compatibility. No previous version had it, and they don't want to have to support it going forward. (plus, it's never really been necessary.)
77. Re:Brute-force password guessing not a problem by Ihmhi · 2009-01-15 09:47 · Score: 1
  
  I have a question about this. What if the wifi password contains a coherent sentence? Do brute forcers search for specific words in specific orders?
  My old wifi password was:
  yestheydeservedtodieandihopetheyburninhell!1
  Adding some more random symbols and numbers in there would make it stronger, yes. What if it were:
  yes!1they@2deserved#3to$4die%5and^6I&7hope*8they(9burn)0in_-hell+=!<>
  As you can see, I basically hit Shift and went down the number row between the words. There is very much a recognizable pattern here - two, in fact: a movie quote, and moving down the number row. The only true randomness is the stuff at the end. Is this password truly weaker than a completely random one? And if it is, is it significant enough to worry about?
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
78. Re:Brute-force password guessing not a problem by Nutria · 2009-01-15 10:38 · Score: 1
  
  Ummmm... you missed my comment about random didn't you.
  Must have.
  The length output by the command is random. Run it 10 times and see what you get.
  I got some short ones, just like you. Wiggling the mouse juiced up the entropy, though.
  
  --
  "I don't know, therefore Aliens" Wafflebox1
79. Re:Brute-force password guessing not a problem by DMUTPeregrine · 2009-01-15 12:42 · Score: 1
  
  That said, a cryptographically strong rng won't hurt. KeePass includes one, and is good for storing all those passwords, /dev/random is one if you just need to generate them. When they're that easy to get and use, why not use one?
  
  --
  Not a sentence!
80. Re:Brute-force password guessing not a problem by ion.simon.c · 2009-01-15 13:13 · Score: 1
  
  /dev/random is the reason you were getting short keys.
  Does dd *really* terminate when /dev/random doesn't have enough data to serve? I would have thought that reads on /dev/random would block until it had enough data to serve the request.
81. Re:Brute-force password guessing not a problem by ion.simon.c · 2009-01-15 13:15 · Score: 1
  
  You're not fooling me. You're just interested in discovering the states of our PRNGs!
82. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-15 14:38 · Score: 0
  
  It only takes capturing 1 packet from a 4 way TKIP handshake to run an offline dictionary attack. Hundreds of tries per second makes cracking a WPA key easy if you have a good dictionary.
83. Re:Brute-force password guessing not a problem by plover · 2009-01-15 15:48 · Score: 2, Interesting
  
  The old (very old) password cracking programs I've played with allow the user to set up rules to guide guesses. You'd fill out a series of patterns, and if possible base them on passwords you know your target has used in the past. For example, I knew a friend commonly substituted digit 1 for letter i, so added a rule of s/i/1/ to the list of modifications to dictionary words. (I eventually found his password was k3rm1t.)
  Like most things, the answer of "is your security weaker" is "it depends". You certainly aren't doing yourself any security favors by telling us you might have a movie quote as a pass phrase, even in an example. This is information that may have made your router's password significantly more guessable.
  First of all, I'd want to physically locate you first to avoid wasting time cracking the wrong router. That should be fairly easy. Tools like Google and Wigle might help me narrow it down to exactly you. I'd start guessing with the notion that you might use a quote from a movie as your pass phrase, or perhaps the first letters of a quote as a pass phrase. A script running through IMDB could theoretically yield the quote your current pass phrase is based on, and there are dozens of web pages devoted to movie quotes of just about every genre. I'd start with quotes from movies featuring Samuel Jackson, anime movies, and episodes of American Dad and South Park. I would guess you'd write it in all lower case, but anotherTestWithCamelCase is cheap. I know you might also separate the words with some common symbol/number pairs, and that you've done them in 1-2-3 order, so I would add various rules to test the movie phrases that way. Twice in your examples above you've post-fixed a symbol/number to your phrases, so I'd add that pattern, too.
  Failing to find your pass phrase among the movie quotes, I'd move on to video game quotes and slang, maybe some Ozzie lyrics or other metal lyrics, CD liner notes, and possibly even some quotes from literature. The point is the GPU is screamingly fast, and can try billions of permutations of each of these, and the real bottleneck would likely be having to scoop up all these sources of quotations from the net.
  Now, given that you're posting to Slashdot, I'm hoping you'd be a bit more clever than all this, and you've posted the above as a pile of misdirection. I'd only give myself about a 5% chance of actually guessing your pass phrase, even with the tools above and the hints you provided. But those are a hell of a lot better odds than trying to guess a truly random password. The other thing working in your favor is that you're pretty young and thus likely broke, so no serious criminals have the profit motivation to hunt you down and start hacking away at your wireless. Now, if you were "Senator Adams from the Great State of New Jersey," or "Millionaire Adams, the Sausage King of Newark," then there'd be a bit more incentive. That's what happened to both Palin and Obama.
  The thing you should take away from this is: it wouldn't hurt to change your passphrase right now to some cryptographically random value. You've likely given away too much information already. But the chances are greater that nobody really cares what your pass phrase is. :-)
  
  --
  John
84. Re:Brute-force password guessing not a problem by andreyvul · 2009-01-15 17:50 · Score: 1
  
  Fail. Your entropy pool wasn't large enough.
  $ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  0+1 records in
  0+1 records out
  128 bytes (128 B) copied, 0.000714045 s, 179 kB/s
  21%waZYOayqiI&WMikecP#^5OpLB8ESeta7y@)qu!!
  [after a significant while]
  $ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  0+1 records in
  0+1 records out
  128 bytes (128 B) copied, 0.000267305 s, 479 kB/s
  YY6ygFCo2c)C0%*gYX6+%Wh%$4KZdeW79IjP^VnL
  $ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
  0+1 records in
  0+1 records out
  128 bytes (128 B) copied, 0.000274968 s, 466 kB/s
  m4QJo1cD)W&nKimr&U78I%hW3bLl4yE0cQipq
  
  --
  proud caffeine whore
85. Re:Brute-force password guessing not a problem by BBandCMKRNL · 2009-01-16 05:01 · Score: 1
  
  So to crack it, you take the first line in your dictionary, throw in the network's SSID (this is included for better security. Passphrase: 12345 will hash differently on a network named linksys than it will on a network named dlink), run it through the WPA algorithm the 4096 times, truncate the result at 256 bytes, then compare that 256 bytes to the captured packets.
  How is this process impacted if the the router is set to not broadcast the SSID, like I have mine set up?
  Also, both my SSID and WPA-2 key are gibberish, my WPA-2 key is > 50 characters, I do MAC address filtering, and the DHCP function only hands out 'X' number of IP addresses where 'X' = the maximum number of devices that will be on the network at the same time. Am I missing anything here?
  
  --
  Without the 2nd Amendment, the others are just suggestions.
86. Re:Brute-force password guessing not a problem by Arabani · 2009-01-16 08:20 · Score: 1
  
  I'm fairly certain the SSID can be sniffed from captured network traffic. MAC filtering and DHCP limits only prevent an attacker from associating with your network (and the former can be circumvented fairly easily); they don't prevent an attacker from eavesdropping. However, if your password is >50 random characters, that will make a dictionary attack extraordinarily difficult.
87. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-16 10:30 · Score: 0
  
  "Maybe I'm dense, but how the hell does flooding a wireless card with brute force dictionary attacks bottleneck on computation speed?"
  I think you don't fully know the process involved in cracking WPA. You don't need to "flood" the AP with a brute force attack. The only thing you need from the WPA enabled Wifi is the WPA handshake which is very easy to obtain and take only a few seconds. This software from Elcomsoft is used to test every word contained in the dictionary against that WPA handshake, taking advantage of the GPGPU capabilities of todays GPUs to acelerated this time consuming process. Maybe the software even make that capture for you, but that's only a handshake, not a flood at all.
  This software, even using Nvidia's Tesla, is useless if you use a really strong password with 63 random printable ASCII characters, like the ones generated at https://www.grc.com/passwords.htm
  To beat a password like that, i can`t imagine how many Pbytes that dictionary would have to be, and how many years it would take to crack.
88. Re:Brute-force password guessing not a problem by afranke · 2009-01-16 12:07 · Score: 1
  
  Oh! So you are my neighbour!
89. Re:Brute-force password guessing not a problem by Bert64 · 2009-01-16 22:39 · Score: 1
  
  Then why add it in the first place?
  There are now some compatibility problems, due to any program designed for win2k or xp pre sp2 which used raw sockets...
  And yes, 2k did have it so at least 1 previous version.
  
  --
  http://spamdecoy.net - free throwaway anonymous email - avoid spam!
90. Re:Brute-force password guessing not a problem by Ihmhi · 2009-01-17 03:12 · Score: 1
  
  Well, that's an old one. It has no real effect on what my new password currently is. That thing is like... 2 years old?
  The point is, if you didn't know that info - that it's a movie quote, etc. - and you're completely blind, would there really be much of a noticeable difference? Could it be quantified in time necessary to crack it?
  To modify that old "make the other guy die for his country" quote, I don't necessarily want to aim to make my wireless secure, just way more secure than my neighbor's. Why hop onto my network when you can hop onto Pablo's with his password of 123456789?
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
91. Re:Brute-force password guessing not a problem by Anonymous Coward · 2009-01-21 09:07 · Score: 0
  
  Since everyone is out to get you. I recommend blacking out all the windows around your computer in case someone is tries to video tape you typing your WPA password in.
DCMA by georgeda · 2009-01-15 01:48 · Score: 0

ElcomSoft had a few run-ins.. http://en.wikipedia.org/wiki/US_v._ElcomSoft_Sklyarov
Slashvertisement Alert by Spazztastic · 2009-01-15 01:48 · Score: 1

ElcomSoft Wireless Security Auditor runs on Windows NT SP4, Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. The software ordinarily sells for $1,199, but is currently selling at half price ($599.5) until March 1, 2009.
And just in time for getting blogged about!

--
Posts not to be taken literally. Almost everything is sarcasm.
Time travel by IceCreamGuy · 2009-01-15 01:52 · Score: 1

Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0...
"Just" released? Like, a month ago? Or was that just the announcement?
I think the key point with all this, though, is just don't use dictionary words in your passwords... for anything... ever. The same company makes software for all kinds of password systems, so just don't do it.

without dictionary words being involved, cracking is still quite intensive: perhaps three months to crack a lowercase-only random eight-character password using a PC with two Nvidia GTX 280 video cards.
1. Re:Time travel by Anonymous Coward · 2009-01-15 03:19 · Score: 1, Interesting
  
  Yep. As Bruce Schneier notes in Applied Cryptography, simply cycling a 256-bit counter (eg, random 8 byte password, just express it as a hex string if you like) would take more energy than is released by a typical supernova.
  
  In other words, if your password is susceptible to an offline bruteforce attack, as WPA is, make it long-ish and random. Then rest easy unless some real, non-brute-force attack is discovered.
Auditions by Thanshin · 2009-01-15 01:52 · Score: 4, Funny

Heavy machine guns!
Audit your neighbors' dodge skills.
Full disclosure by plover · 2009-01-15 01:53 · Score: 4, Insightful

People who whine about these being "irresponsible" or "bad for security" always seem to forget that the bad guys may already have written stuff like this and are putting it to use. By publishing this software, it makes everyone aware that it's never safe to turn a blind eye to poor security practices.
If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process.

--
John
1. Re:Full disclosure by hacker · 2009-01-15 02:04 · Score: 1
  
  "If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process."
  
  Until 3 hours later when THAT password is now cracked.
  Lather. Rinse. Repeat.
2. Re:Full disclosure by Spazztastic · 2009-01-15 02:09 · Score: 1
  
  "If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process."
  Until 3 hours later when THAT password is now cracked.
  Lather. Rinse. Repeat.
  Or then implement WPA2 enterprise that authenticates against your Active Directory or RADIUS domain with blacklisting against MAC addresses that aren't registered to that user.
  
  --
  Posts not to be taken literally. Almost everything is sarcasm.
3. Re:Full disclosure by Anonymous Coward · 2009-01-15 02:24 · Score: 0
  
  Saying it is "irresponsible" is just saying you're uninformed about security. Think of the tools that aren't released for a reason...
  I have done some coding with cuda (for the gpu) and it isn't impossible to write a program for a cheap gpu that can out run any optimized program written for a top cpu. The gpu only has a memory bandwidth bottleneck (pcie).
4. Re:Full disclosure by Anonymous Coward · 2009-01-15 02:26 · Score: 0
  
  Well, that's part of what I was wondering. If someone is capable of getting the hardware, and understands the software enough, probably is also capable of getting a fairly good job to pay for his internet connection instead of attempting to get into his attenuated and non-reliable neighbor's network.
  
  Unless, of course he's planning to do something bad, in which case, he would also have to break into the logging system and remove his brute force attempts and fake his mac address among others (which I know is not hard to do). But after all, if something done is that bad, I'm guessing investigators can always check the neighbors in the event of an investigation.
  
  Is there a point I'm missing here that I should be aware of? Instead of being a complete educational experiment, what are the implications of this?
5. Re:Full disclosure by jcuervo · 2009-01-15 03:01 · Score: 1
  
  Until 3 hours later when THAT password is now cracked.
  Hours?
  
  --
  Assume I was drunk when I posted this.
6. Re:Full disclosure by plague3106 · 2009-01-15 03:04 · Score: 1
  
  Great idea! I actually do that. Now, how do I allow my Wii or PSP to use my wireless network?
7. Re:Full disclosure by Anonymous Coward · 2009-01-15 03:07 · Score: 0
  
  Heh, I'll bite.
  I listen to the network for mac addresses, clone each one in turn, and fail logins until I get your portal page that says "BANNED". I just DDoS'd your network. Your users will be burning your help desk to the ground any minute now.
8. Re:Full disclosure by Jurily · 2009-01-15 03:16 · Score: 1
  
  People who whine about these being "irresponsible" or "bad for security" always seem to forget that the bad guys may already have written stuff like this and are putting it to use. By publishing this software, it makes everyone aware that it's never safe to turn a blind eye to poor security practices.
  Absolutely. However, they also make it easy for casual attackers. Never underestimate a horde of script kiddies with a good script.
9. Re:Full disclosure by Cley+Faye · 2009-01-15 03:16 · Score: 1
  
  You're lucky; some people also like to play with their DS
10. Re:Full disclosure by Anonymous Coward · 2009-01-15 03:37 · Score: 0
  
  Until your CEO's phone stops working right and orders you to "fix the internet".
  Not to mention MAC blacklisting is like asking someone for their name to check if they're on the guest list but not checking id -- Anyone within eavesdropping range can just use the same credentials later.
11. Re:Full disclosure by kabocox · 2009-01-15 04:03 · Score: 2, Interesting
  
  If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process.
  Until 10 minutes later the CEO calls the head of IT and has them change the WAP password back to Password1 so he can log in. It's nearly a known fact that managers can't type passwords longer than 8 characters successfully. 16 character or longer passwords become difficult for field IT guys to type. o.k. was that new password ffffffddddddcccccc222222555555? I mean it's difficult enough to get them to use their kid's name plus a number as a password and you want a security consult to change a working system because it might be insecure? Damn.
  Every system and facility is insecure if you put enough force into cracking it. We've got an offsite gym/vehicle storage building where the only security is a vericard to get the door and a key for the back. There is a stand alone laptop of little value out there, but there is several thousand dollars of gym equipment there. What level of force/ability do you really think that it would take to clone/spoof a vericard and then load up alot of that equipment onto a semi? The reason that we don't employ a full time guard or have the place monitored by 4-8 DVR cameras is that those in charge of the budget don't think that its worth that amount of effort to protect. But even if you had a guard and cameras, how much money do you think it would take to bribe the guard and disable/by pass the cameras? With enough resources/effort anything is possible.
12. Re:Full disclosure by Xabraxas · 2009-01-15 04:09 · Score: 1
  
  Or then implement WPA2 enterprise that authenticates against your Active Directory or RADIUS domain with blacklisting against MAC addresses that aren't registered to that user.
  Mac addresses are easily spoofed. RADIUS can also be brute forced. You also have to use IPSec to encypt the RADIUS message and use strong passwords.
  
  --
  Time makes more converts than reason
13. Re:Full disclosure by Xabraxas · 2009-01-15 04:17 · Score: 1
  
  Unless, of course he's planning to do something bad, in which case, he would also have to break into the logging system and remove his brute force attempts and fake his mac address among others (which I know is not hard to do). But after all, if something done is that bad, I'm guessing investigators can always check the neighbors in the event of an investigation.
  
  The bruteforce is done offline. The only thing you need to bruteforce WPA is a handshake that you can obtain by sniffing passively. There is no connection being made to the router. Once you have a handshake, and have brute-forced the key, you just spoof the mac address of the computer that made the handshake and connect with the correct key. There is no trace of your activity.
  
  --
  Time makes more converts than reason
14. Re:Full disclosure by lysergic.acid · 2009-01-15 04:31 · Score: 1
  
  so should we ban the sale of lock picking kits, books, and locksmithing educational resources? after all, such information can help criminals as much as they help legitimate professionals.
  the way to ensure security is to test the system rigorously, not to discourage the testing of such systems. and the best way to facilitate such security auditing is for the security community to share information and penetration testing resources with one another and foster public discourse.
  ultimately, this type of brute-forcing tool is only useful for cracking relatively weak passwords. and the best way to protect vulnerable systems is to identify them and enforce stronger passwords. the worse thing you can do is to hide such weak passwords from security experts (or yourself) in hopes that this will also hide them from attackers.
15. Re:Full disclosure by SBrach · 2009-01-15 05:01 · Score: 1
  
  Buy another cheap router and a cheap switch. Run WPA personal for your Wii and PSP or WEP if you have a DS. Plug both of your routers into the switch. Plug your switch into your cable modem. If your ISP won't assign you two IP's for a couple of bucks a month then move or something.
16. Re:Full disclosure by cbiltcliffe · 2009-01-15 09:00 · Score: 1
  
  Remember TJX?
  Well, now it doesn't take an idiot admin using WEP to get broken into and 94 million credit card numbers stolen.
  Now you can feasibly do it with somebody who's using WPA, too.
  Although with a decent dictionary, it's always been possible, but it took longer.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
17. Re:Full disclosure by plover · 2009-01-15 13:27 · Score: 1
  
  Never underestimate a horde of script kiddies with a good script.
  My point is that horde is acting as the advertisement and providing the impetus for getting the problems fixed. But the problems are never created by the tools, they're just exacerbated by them.
  That's why we should celebrate these cracks, and take advantage of them. If my boss sees a news article that says "Hackers crack bad WPA passwords", I know he'll email me asking me to tell him how we generate our passwords. If I say, "I opened the dictionary to a random page and wrote down the first three words I saw, but it doesn't matter because until you give me a budget increase, we're still running WEP", he'll give me the budget to upgrade the equipment to WPA, then I'll set the passwords to something strong, and then he'll fire me for being an idiot in the first place. But at least he'll do something about it, and that's the key.
  
  --
  John
18. Re:Full disclosure by plover · 2009-01-15 13:46 · Score: 1
  
  Think of the tools that aren't released for a reason.
  Not releasing the tools is why we have such big problems. There are bugs identified all the time, but vendors routinely ignore them or just sit on the patches. That means anyone else smart enough to figure out the bugs can abuse them until the vendor issues the fixes.
  The way things effectively get fixed right now is the (good) hackers give advance notice to the vendors, but they also let the vendors know when they're going public with the flaw. When they go public, they have to demonstrate the bug with some exploit code. That code, wrapped in a script, is effectively a tool for the script kiddies. And it doesn't take that much scripting to make a giant, fast tool.
  The professional bad guys already have the malicious code designed, written, and tested. They have their malware servers hosted and on line, and are waiting for clients. That is all done well in advance. But now, they are not just sitting around waiting for the next announcement. They're busy analyzing code themselves, discovering flaws, and exploiting vulnerable equipment. The more victims they can infect before the independent discovery of the bug by a good guy and the deployment of a patch, the more data they can steal, the more money they make, and the worse the real problems are for the rest of us.
  
  --
  John
Re:It's red by Anonymous Coward · 2009-01-15 01:58 · Score: 0, Informative

Ricardo Montalban Dead At 88
I'm confused by grizdog · 2009-01-15 02:00 · Score: 1, Offtopic

First off, does this kind of approach work against any rationally designed secure software? All that would seem to be needed to defeat this is for the the login procedure to have a few seconds of delay before it responds yes or no, and no speedup in the guessing will help. This is why we have shadow password files, right? Or have I just been using *nix too long?
Also, I've seen people using GPUs in all sorts of non-graphics computation environments for some time now. When push comes to shove, is this just about money, and that CPUs have extra features that makes it easier to run an operating system, but aren't needed for pure computation? I'm not a hardware guy, so this is probably a stupid question, but I just don't get it.
1. Re:I'm confused by Ciarang · 2009-01-15 02:41 · Score: 1
  
  You're confused because you're thinking in terms of a login system, not encrypted data which you can easily see. (i.e. it's transmitted 'at you')
  In simple terms, once you've intercepted some data you can have as many attempts as you like to find the right key to decrypt it.
2. Re:I'm confused by muridae · 2009-01-15 03:30 · Score: 1
  
  First off, does this kind of approach work against any rationally designed secure software? All that would seem to be needed to defeat this is for the the login procedure to have a few seconds of delay before it responds yes or no, and no speedup in the guessing will help. This is why we have shadow password files, right? Or have I just been using *nix too long?
  Yes, it would work. Someone logs some wireless packets over night, goes home and cracks the password, comes back later and logs in to the network. They only make one or two failed attempts, the rest is passive.
  
  Also, I've seen people using GPUs in all sorts of non-graphics computation environments for some time now. When push comes to shove, is this just about money, and that CPUs have extra features that makes it easier to run an operating system, but aren't needed for pure computation? I'm not a hardware guy, so this is probably a stupid question, but I just don't get it.
  That's pretty much the whole of it, yes. GPUs are co-processors, what they do they do very fast, but what they don't do takes a lot more work. And, most cards now days are actually many many processing units running in parallel with the same data and just slightly different steps.
  
  For stuff like cracking passwords, having lots of processors, each checking a different password, and avoiding some of the OS overhead of switching to keep the desktop updated and dealing with all the various interrupts, and you can get a substantial speed increase. A linear increase of speed, I don't think anyone has reduced the complexity of the password cracking problem, but still a speed increase.
Re:It's red by Shakrai · 2009-01-15 02:03 · Score: 1, Insightful

Ricardo Montalban Dead At 88 [slashdot.org]
In his defense he probably thinks that it hasn't gotten sufficient coverage because we haven't seen two or three dupes yet ;)

--
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
The bommon line is.. by Anonymous Coward · 2009-01-15 02:07 · Score: 0

A PS3 running Linux will still crack it 100x quicker than a GPU...
1. Re:The bommon line is.. by Anonymous Coward · 2009-01-15 03:16 · Score: 0
  
  yeah, but it will get so hot it will burn your house down
You're Not Doing it Right by zwekiel · 2009-01-15 02:08 · Score: 1

If your wireless network encryption key can be cracked by a laptop, you're not doing it right.

Choose a longer key, and for god's sake, don't use WEP.

--
Web Hosting: Unlimited storage and bandwidth: $5/month
1. Re:You're Not Doing it Right by srollyson · 2009-01-15 03:10 · Score: 1
  
  If you're going to do it right, then you might as well run sshd on your wireless router and enforce traffic tunneling.
  Oh, and make the router's sshd key-authentication only.
  ...better throw a port knocker on that bad boy, too.
  ...and make the port knocker's socket combination based off of a one-time pad.
  ...which was generated using diceware or a hardware random number generator.
  ...and send the encrypted data packets across a short wave signal like a numbers station rather than using 802.11whatever.
  Or you could just realize that wireless is designed for convenience, not security. If someone's going to go through the trouble of using their GPUs to crack your key, then you've already got an adversary sophisticated enough to warrant the use of wired ethernet and a secure facility.
No reason you have to use things like CUDA... by Assmasher · 2009-01-15 02:08 · Score: 1

...to run 'generic' GPU applications. They just make things simpler for people not used to working with GPUs. Back in 2005 (can't recall) I wrote a computer vision algorithm (a simple multi-gaussian system) that uploaded live security video as a set of conglomerated images in a given texture size and output motion maps, just using early pixel shaders on an ATI 9700PRO (old even at the time.) It wasn't hard, although faking arrays via textures was a pain in the rear. ;)

--
Loading...
1. Re:No reason you have to use things like CUDA... by kreyszig · 2009-01-15 02:12 · Score: 1
  
  ...to run 'generic' GPU applications. They just make things simpler for people not used to working with GPUs.
  indeed. see gpgpu.org which is mostly focused on using opengl and directx to do this.
2. Re:No reason you have to use things like CUDA... by Anonymous Coward · 2009-01-15 02:18 · Score: 0
  
  If my neighbor spends so much time and effort buying the hardware, installing the software and learning how to do that, he may as well pay for his internet connection. I mean, having all those tools and hardware without an internet connection before, is kind of pointless. But if he insists in getting into my network, why not, after all he well deserves it after all that the effort.
3. Re:No reason you have to use things like CUDA... by Anonymous Coward · 2009-01-15 04:53 · Score: 0
  
  Try and think a little more out of the "neighbors stealing internet access" box. Granted the software is expensive for a reason, to make it a little more difficult to obtain it. That doesn't mean that a copy of it won't show up on warez or torrent sites nor does it mean that no one is working or has made on open source software with similar functionality. Hardware isn't that expensive; one just needs a WiFi card that can be used in promiscuous mode and I wouldn't be surprised if one could make mostly any WiFi card that's already built into modern day laptops to do it.
  I agree that it's a bit silly to put the legwork into getting the software and making sure to have a compatible WiFi card and drivers just to steal an internet connection to do idle surfing. However, there are more uses than just that. Someone may want to break into a wireless network because there's useful data to be had on that network. An example would be when Home Depot a group cracked the WiFi at one of their stores and stole thousands of credit card information.
  Another use would be to commit crime using someone's WiFi network in order to hide their tracks. It could be your neighbor, some dude in his car parked in front of your house, or someone with a directional antenna a mile away.
Re:It's red by click2005 · 2009-01-15 02:10 · Score: 0, Offtopic

Patrick Mcgoohan (The Prisoner's Number 6) died too.

--
I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
Why wouldn't they be able to sell it? by Anonymous Coward · 2009-01-15 02:25 · Score: 0

It's not clear why you think it can't be sold or given away.
At least you don't claim it's a DMCA violation.
This is true but misleading by Scott+Lockwood · 2009-01-15 02:28 · Score: 3, Insightful

The real problem is using WPA with pre-shared keys - that's what this can really do some damage with. That, and they used it to set up a fake root CA. Um, this is almost a month old. WTF? Slashdot: Where you hear it last!

--
But this is slashdot. A slashdoter who didn't build his own computer is like a Jedi who didn't build his own lightsaber!
Brute force will be dead anyway by Anonymous Coward · 2009-01-15 02:39 · Score: 0

Smart AP, and LAP tied to wireless switch do have, or will have ability to ignore the attempts after 3-5 times (or whatever policy is set). They ignore that radio attempt to log in, and send out alert to admin of the attempts. They can located within feet the machine attempting to break in.
OpenCL by Adam+Hazzlebank · 2009-01-15 02:43 · Score: 2

I'd say it's particularly unlikely that it's using OpenCL seeing as there are no working implementations yet (unless someone knows better?)
1. Re:OpenCL by Creepy · 2009-01-15 03:39 · Score: 1
  
  To be honest, I doubt it's difficult to write a proprietary shader without a GPU programming language for this since the GPU really only can be used to offload the hash computation (using the PSK and passphrase). The real trick is packing and passing data (say passwords) to that shader for processing efficiently, and that could be done in a variety of ways (e.g. stuffing them in a texture or a vertex buffer object).
  The real limitation is probably the network interface once you have an efficient way of generating keys.
2. Re:OpenCL by TubeSteak · 2009-01-15 06:06 · Score: 1
  
  This might be a stupid question... but how come none of these GPU acceleration schemes utilize the shitty onboard graphics that come with many motherboards?
  I know that onboard 3D graphics are vastly inferior to a discreet card, but it can't be completely useless.
  
  --
  [Fuck Beta]
  o0t!
3. Re:OpenCL by MostAwesomeDude · 2009-01-15 09:17 · Score: 1
  
  My guess is that it was written in GLSL or HLSL, as those are the only shading languages that are high-level and that work on both ATI/AMD and nVidia offerings. (For now.)
  
  --
  ~ C.
4. Re:OpenCL by MostAwesomeDude · 2009-01-15 09:20 · Score: 1
  
  Well, it's because these are usually CUDA (nVidia only) or CTM (ATI/AMD only). Onboard chips are almost always Intel or VIA, although both nV and ATI chips are occasionally put onto boards as well.
  The good answer is that nobody's written CUDA/CTM/Brook+/OpenCL/etc. support for Gallium yet.
  
  --
  ~ C.
5. Re:OpenCL by kreyszig · 2009-01-16 00:13 · Score: 1
  
  it's because the shitty onboard graphics that come with many motherboards are just that, shitty. GPU accelleration in this context takes advantage of the large number of discrete processing units (pixel shaders, vertex shaders, call them what you will) that are available in discrete cards. The analogue is the CPU "core", there are over 2 hundred in top end discrete cards, usually less than ten in an onboard card.
Generating Passwords by KiwiCanuck · 2009-01-15 02:54 · Score: 2, Funny

Isn't there a way of taking a prime number and converting it to ascii? I'm not a software guy, so I use to go to computer services (when I was in uni) and get them to generate a password for me. I have accumulated 8 passwords. Now I just rotate through them. Is this a good idea? Cheers for any advice.
Re:does it count as 0day? by plague3106 · 2009-01-15 02:56 · Score: 2, Insightful

What's illegal about it? If you're using it against your own network to test the strenght of your settings, I see nothing wrong with that. The question isn't why can they sell this legally, but why WOULDN'T they be able to do so? Given that any tool can always be used in bad ways, I don't think that should be enough to outlaw the tool itself.
Elcomsoft? by tsstahl · 2009-01-15 02:57 · Score: 0

How many of their employees are going to get arrested for this one?
1. Re:Elcomsoft? by Anonymous Coward · 2009-01-15 03:40 · Score: 0
  
  I'm actually running their Advanced EFS Data Recovery utility right now to restore some files from a dead laptop that were encrypted using WiXP Encrypted File System. Very usefull and beats having to find a way to boot the same volume from a different PC so I could log into my account and get my stuff back.
Great Program by JimmyRay_TWTV · 2009-01-15 03:04 · Score: 5, Informative

I tested this program for a upcoming show and I really liked it. The cost is high for most regular folks, so it is geared more towards Government/Commercial. For a nice open source option, I also recommend Pyrit. I had a few issues importing Aircrack files, but most of those have been resolved.

--
Jimmy Ray Ecc 5:19
Brute Force? by Fnord666 · 2009-01-15 03:10 · Score: 2, Interesting

... does is perform brute-force dictionary attacks of WPA and WPA2 passwords.
I tried using a non brute force dictionary attack on an encryption key once. I just tried every third word in the dictionary. It didn't seem to work as well as trying them all. In other words, there are brute force attacks and there are dictionary attacks, but there are no brute force dictionary attacks.

--
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
1. Re:Brute Force? by Zironic · 2009-01-15 03:25 · Score: 1
  
  A brute force dictionary attack tends to run through the entire dictionary with various prefixes,suffixes, numbers, capitalizations and even word combinations.
2. Re:Brute Force? by wastedlife · 2009-01-15 03:42 · Score: 1
  
  The article and summary have a lot of glaring errors. For one, TFA states that it sends random passwords to the access point. This is false. According to the product page, the app listens to the network in question and creates a dump. Then it works on that dump locally. Also, as you stated, there is no such thing as a brute-force dictionary attack. Brute-force just attempts every possible permutation, while dictionary attacks try using passwords based on words in a dictionary. This uses an "advanced dictionary attack" (this is how the product website describes it), which uses a dictionary along with mutations such as inserting symbols or numbers in place of letters.
  Anyway, if you can afford the license for this product, you should really be using WPA-RADIUS or WPA2-RADIUS instead of a preshared key. In fact, you could probably buy a cheap windows server and install IAS for the cost of one license for this app(or a *nix box with better hardware). As far as I can tell, not using a pre-shared key invalidates this product.
  
  --
  Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
3. Re:Brute Force? by nobodylocalhost · 2009-01-15 03:43 · Score: 1
  
  Sure there is.
  for example, your dictionary has
  12345678
  password
  helloworld
  computer
  now you tested those passwphrase using a dictionary attack and they failed. So you know for sure these are not the passphrase. They can then be removed from the brute force efforts so you don't test the same thing twice.
  
  --
  Where is the "Ignorant" mod tag?
4. Re:Brute Force? by Anonymous Coward · 2009-01-15 04:11 · Score: 0
  
  No, you just did a brute force dictionary attack on one-third of a dictionary.
5. Re:Brute Force? by GuloGulo · 2009-01-15 05:14 · Score: 1
  
  Might want to post a link to the definition, you've lied about definitions (and other things) before.
  
  --
  "The government grants you rights, not the other way around."-- beav007. Yes, these people really exist...
6. Re:Brute Force? by Anonymous Coward · 2009-01-15 09:23 · Score: 0
  
  here are brute force attacks and there are dictionary attacks, but there are no brute force dictionary attacks
  Sure there are. Just take a dictionary, the larger the better, and use it to pound the heck out of the encryption key. Is it brute force? Without a doubt. Is it effective? No, unless you're using it on someone who knows the key.
Use random string of characters by groffg · 2009-01-15 03:12 · Score: 1

This is really old news, but a useful reminder that wireless access points should employ non-dictionary passphrases. To defeat even the most sophisticated password-guesser (one that combines dictionary-based and brute force password guessing), you can use a completely random password, such as one generated by by this FOSS utility: http://www.codeguru.com/csharp/csharp/cs_misc/security/article.php/c14557/
formulas make brute-force password guessing easy! by Medievalist · 2009-01-15 03:13 · Score: 2, Insightful

You need letters, numbers and symbols. Mixed case also.
If you follow such a formula black hats know more about your password than if you don't, so their brute force attacks from 10,000 node botnets just got exponentially faster. You made the key space smaller when you eliminated all possible passwords that do not contain letters, numbers, symbols and mixed case.

My password is also not based on a dictionary word and means something only to me.
That's a far better strategy.
Myself, I ignore all "rules" and "formulas" for password generation and use 64 characters or more for important passwords. Until this became possible (I'm old) I always used the maximum number of characters allowed (so old, I had to use six-character passwords for decades).
Back in the day, college students and security auditors used to routinely brute passwords without dictionaries because MVS and RSX had such short passwords.
It counts as a tool, like a hammer or pocketknife. by Medievalist · 2009-01-15 03:24 · Score: 5, Insightful

they can legally sell this because...
They live in a culture that has more commercial freedom than yours, apparently. Given that they are in Russia, that's a sad commentary on wherever you live.

why? just because they claim to be an 'auditor' means they can profit from a cracker?
Because it's a tool. You can cave people's heads in with a hammer, you can assassinate the pope with a kitchen knife. They are tools, they have no moral dimension. Even a thumbscrew can be used for moral purposes, such as a doorstop that keeps cute fuzzy puppies from running on to train tracks.
Effective tools amplify your ability to do things you want to do. They don't make it necessary or possible for you to commit crimes; your will and your circumstances are what makes you a criminal.
I have used wifi crackers to audit networks in my workplace with the full knowledge of my employer. I have never used one to commit a crime, ever. It's just a tool.
GPL-licenced implementation by Zayin · 2009-01-15 03:33 · Score: 1

May I suggest adding a reference to the GPL-licenced software pyrit in the summary? It might be useful for people to know that a) Elcomsoft is not the first to implement this and b) a free software implementation exists (currently only for NVIDIA, but they are planning ATI support).

--
"I'd rather have a full bottle in front of me than a full frontal lobotomy"
I tried by Anonymous Coward · 2009-01-15 03:41 · Score: 0

But I don't think the passphrase dialog liked the spaces between the words, nor the quote characters... ;-)
my password is "cat" by saintsfan · 2009-01-15 04:09 · Score: 1

"If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed." ... no shit
I totally read that as... by Anonymous Coward · 2009-01-15 04:17 · Score: 0

GPS Used to Crack WiFi Passwords Faster and thought... Now they have our satellites too?!?
1. Re:I totally read that as... by Anonymous Coward · 2009-01-15 07:47 · Score: 0
  
  No silly, it's not they, it's ARI...
Sensationalist drivel. by Anonymous Coward · 2009-01-15 04:31 · Score: 0

So? Why such a sensationalist headline for such a mundane achievement?
Co-processors are not a new idea, and other programs, such as Photoshop and Folding@home already use GPUs for number-crunching.
Depends on your definition of "Brute Force" by Anonymous Coward · 2009-01-15 04:42 · Score: 0

Brute force has many meanings. Some already mentioned. However, a dictionary attack can be considered a brute force method because you're just trying different keys until one works.
A non-brute force attack could mean attacking a weakness in the crypto algorithm. In other words, you don't need to try a bunch of keys until one works because you're breaking the algorithm itself.
Re:use random hex keys by madbavarian · 2009-01-15 05:07 · Score: 1

WPA2 passwords can be either 0-63 character strings which will be converted to a 64-character hex key by the software, or can be specified as a 64-character hex key directly. Since the keyspace to guess a 64-character hex key is 2^256 choices long, the attacker is going to spend a very, very long time trying to guess the password.
My recommendation has always been that people that want the ultimate security use random keys pulled from /dev/random and converted to a hexadecimal number. That key should then be input using the hex key option. While they are at it, they should also turn off WEP and WPA1, turn off TKIP and only allow WPA2 with CCMP. That will give the crackers something hard to chew on.
I've got a set of lockpick tools by Locke2005 · 2009-01-15 06:10 · Score: 1

I use them to "audit" my neighbor's front door security.
Ok, so now tell me who the real target customer for this product is.

--
I've abandoned my search for truth; now I'm just looking for some useful delusions.
CUDA probably by DrYak · 2009-01-15 06:19 · Score: 1

Until an implementation of OpenCL is out, CUDA is probably the only other mid-level GPGPU language that can represent byte-oriented binary operations.
(Perhaps using lower-level stuff like ATI's CTM/CAL too, but I'm not used to that).

--
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
just prehash them instead by RiotingPacifist · 2009-01-15 06:40 · Score: 1

CoWPAtty can already do 18,000 keys/s , while this might help in generating the hashes its probably worth working out a hash table for your victim the night before anyway.

--
IranAir Flight 655 never forget!
There, fixed that for you... by Giant+Electronic+Bra · 2009-01-15 07:01 · Score: 1

ElcomSoft positions the software as a way to 'audit' wireless network security."
ElcomSoft positions the software as a way to 'audit'your neighbor's wireless network security."

--
"Malo periculosam, libertatem quam quietam servitutem." -- Jefferson
Re:It counts as a tool, like a hammer or pocketkni by GregNorc · 2009-01-15 07:06 · Score: 0, Redundant

I don't actually ever write my own arguments in support of security tools. Whenever I need a little +5 insightful, I go to the NRA's site, grab an essay, and find and replace "gun" with "nmap", "wireshark" or whatever tool you kids are using nowadays.
It works a hundred percent of the time, 60% of the time.
Now THIS is an example of GPGPU by Anonymous Coward · 2009-01-15 07:07 · Score: 0

Finally we have an actual example of GPGPU on slashdot... And of course no one tagged it as such.
Not using CUDA or Stream? by nog_lorp · 2009-01-15 07:54 · Score: 1

CUDA and Stream *ARE* proprietary...
1. Re:Not using CUDA or Stream? by raftpeople · 2009-01-15 09:06 · Score: 1
  
  One of their tech guys was on the CUDA programming forum, so I assume they used CUDA for NVIDIA. Not sure why the article assumes that the "proprietary process" assumes the interface language is proprietary. I assumed it meant their method/algorithm was proprietary (given the fact that they patented it, they probably want to make it seem unique).
luggage combo by Anonymous Coward · 2009-01-15 09:59 · Score: 0

Just go KJNo867f*P7gP*&%o86fv:(O*& for shit's sake.
That's the combination to my luggage!
Re:It counts as a tool, like a hammer or pocketkni by dsanfte · 2009-01-15 10:57 · Score: 1

Effective tools amplify your ability to do things you want to do.
Problem is, that's why gun control works. A gun turns a violent impulse at a bar from a beating into a shooting. Fewer guns statistically, fewer beatings turn into shootings. As long as the gun control is effective and not just punishing law-abiding users, of course.

--
occultae nullus est respectus musicae - originally a Greek proverb
Yet another dupe.... by Arkaic · 2009-01-15 11:17 · Score: 1

http://mobile.slashdot.org/article.pl?sid=08/10/12/1724230&from=rss
spelling nazi by peektwice · 2009-01-15 11:33 · Score: 1

You have a small particle or speck with sharks?

It's moat...

--
Other than this text, there is no discernible information contained in this sig.
Would a ... by phlegmboy · 2009-01-15 12:20 · Score: 1

63 character key consisiting of non repeating characters selected from A-Z, a-z, 0-9 and !@#$%^&*()_-+={[}]|\:;"'.?/ be sufficiently secure?
1. Re:Would a ... by Anonymous Coward · 2009-01-15 15:13 · Score: 0
  
  good luck remembering that shit.
Re:use random hex keys by realnowhereman · 2009-01-15 23:34 · Score: 1

Your arithmetic is up the shoot.
64 ASCII characters translates to 128 hex digits.
128 hex digits (four bits each) is 512 bits.

--
Carpe Daemon
Re:use random hex keys by madbavarian · 2009-01-16 03:07 · Score: 1

Your arithmetic is up the shoot.
64 ASCII characters translates to 128 hex digits.
128 hex digits (four bits each) is 512 bits.
It is?
A hex pre-shared key (PSK) would be:
0x75aaa618b013586721413a494bd515151ae73a28aeac8d951c9d98a0b2099af6
This is a 256-bit number. Remember, each hex "digit" only represents 0-15 or 4-bits of information.
It is the same ElcomSoft of 2001 Adobe fame by soroka · 2009-01-16 07:12 · Score: 1

Just to put the story into perspective, it is the same ElcomSoft that was behind Dmitry Sklyarov (http://en.wikipedia.org/wiki/Dmitri_Sklyarov) who wrote software to get around the copy protection in Adobe E-book format and was imprisoned in the US for that, becoming the first person to be tried under the DMCA.
old news!!! :P by Anonymous Coward · 2009-01-16 07:47 · Score: 0

heh, i remember reading about this WPA/WPA2 cracking tool on the BackTrack forums back in the summer of 2008!
--
Anonymous Coward Catalyst