Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Moxie Marlinspike Tool Cracks Crypto Passwords

Posted by samzenpus on Monday July 30, 2012 @05:15AM from the noew-tool-for-the-box dept.

Gunkerty Jeb writes "Moxie Marlinspike, the security and privacy researcher known for his SSLStrip, Convergence and RedPhone tools, has released a new tool that can crack passwords used for some VPNs and wireless networks that rely on encryption using Microsoft's MS-CHAPv2 protocol. Marlinspike discussed the tool during a talk at DEF CON over the weekend, and it is available for download."

2 of 71 comments (clear)

Min score:

Reason:

Sort:

so what? by jehan60188 · 2012-07-30 05:25 · Score: 3, Insightful

not trying to be brash, or curt or whatever, but can someone explain the larger implications?
what does this mean for me (the average non-very-savvy-when-it-comes-to-security person)?
should I stop using tor (is tor pptp?)?
should I stop using vpn, or wpa wireless networks?
this actually doesn't seem that interesting, I mean, if you use a cloud-based cracker, couldn't you have submitted the wpa handshake there already?
Re:this is the same by Bob+the+Super+Hamste · 2012-07-30 06:46 · Score: 1, Insightful

Are the Russians interested, or do you mean Guantanamo?
Yes.

--
Time to offend someone