Exactly. Expensive watches or sunglasses are like jewelry. The functional purpose they serve --providing time or protecting eyes-- are only secondary to their primary purpose of being a symbol of status.
Actually no. All current public NTLM rainbow tables (freerainbowtables.com, schmoo tables, some chinese ones, etc) have been rendered useless with current generations of GPUs. To give you an example there is a small 50GB NTLM table out there for a keyspace than can be covered in less than 30sec by an HD 5870. Moreover NTLM passwords or hashes (plural) are not easy to crack with rainbow tables. The complexity to crack N passwords with rainbow tables is O(N) whereas a traditional bruteforcer will crack them in O(1). The reason is because a bruteforcer uses bloom filters or hashtables to match candidate hashes again any number of NTLM hashes in parallel without slowing down too much as the # of hashes increases. Therefore there is a tradeoff where if you have to crack more than a certain number of NTLM hashes, rainbow tables will be less efficient than a bruteforcer.
What could be useful is rainbow tables built by GPUs with parameters targeted for GPUs (in particular chain lengths of 1e5 or 1e6 or more). An acquaintance of mine is precisely working on such a project...
ighashgpu bruteforces Windows NTLM password hashes at a rate of 2.4 billion password/sec on a single GPU (HD 5870). What does this mean with respect to TFA and its measly "4 million/sec"?
Many of the discussions here completely miss the point that bruteforcing rates depend entirely on what is being bruteforced. For example if you look at JtR password hash bruteforcing benchmarks you can see rates with a Core i7 920 anywhere between a measly 758 password/sec (bcrypt) up to 14.6 million password/sec (LanMan). This spans 5 orders of magnitude! It's the same for encrypted files. For example PGP files encrypted with a symetric key issued from the Simple S2K mechanism can be bruteforced at millions of password/sec with a regular CPU, but this can drop to only a handful of password/sec if Iterated+Salted S2K was used with a decent S2K count...
Therefore all these discussions about whether "4 million/sec" is good/bad/improbable are completely irrelevant since the article is devoid of any info about what is being bruteforced.
The most well-know and probably most used RAID implementation, Linux software RAID, has been able to do #2 since 2006. It strikes me how few people know this. It is called reshaping (see mdadm --grow).
In all fairness to ZFS, it took Linux more than 10 years to implement reshaping (raid5 support was added around 1995-1996). ZFS has only been released for production use 3 years ago, in Solaris 10 6/06 "U2".
As a crypto geek, I wanted to know more so I read the original post where "FloppusMaximus" disclosed the first key (for TI-83). It turns out that TI was using an RSA key of only 512 bits(!) This is extremely short: keys shorter than 1024 bits are considered unsafe, and in practice the largest semiprime ever factored was 663 bits (see RSA-200 challenge). Why was TI even using such small keys? It can't be cost, chips doing 1024-bit RSA cost less than $1. TI almost deserved what happened, if only to teach them a crypto lesson.
"Someone who is XY or XX" is also not well-defined. Mosaicism is a condition where an individual has some XY cells, and others XX. Where do you draw the line for the individual to be a male? Does "he" have to have 50+% XY cells, 90+%, 99+% ?
And what about the XYY syndrome? Some question whether the term "syndrome" is even appropriate because most individuals with XYY cells don't even know it as they appear to be regular healthy males. They don't have to take drugs, which defeats your first argument. Given that 1 in 1000 boys have this syndrome, it is probable that some athletes who won "male" competition have this syndrome. If we were to have these persons genetically tested today, would you retroactively strip them from their titles?
This whole male/female question is not as trivial as it looks like.
This lack of knowledge on/. is sickening. Not only a single SSD already almost saturates a SATA 3.0Gbps link (300MB/s with 8b-10b encoding), but even regular hard drives do. Transfers to/from the on-disk buffer chips are bottlenecked by the 300MB/s speed. And SATA enclosures placing multiple (3 or more) drives behind a SATA port multiplier also easily saturate SATA 3.0Gbps links (the sequential read speed of a 1TB Seagate 7200.11 is 120MB/s, so 3 of them do 360MB/s).
Incidentally, the talk about "pre computed dictionary files" is a ridiculous idea
This is not what you think it is. What they mean by that term is they support rainbow tables. This is a time-memory trade-off that is very useful to crack non-salted hashes like Windows's standard NTLM hashes.
Everybody misses an important point in that story: the fact the student had to repeatedly introduce the phony quote in the article and barely succeeded in having it live for more than 24 hours demonstrates that wikipedia is pretty good at self-correcting itself !
Why so much controversy about the limitation to 3 apps ? This is perfect for a typical Windows user who needs an anti-virus, a firewall, and a pop-up blocker. There you have it !
So you mean like: wwwwwwwwwwwwwwwwwwwwww hhhhhhhhhhhhhhhhhhhh ooooooooooooooooooooooo ooooooooooooooooooooooooo OOOOOOOOOOOOOOOOOOOOOOO ooooooooooooooooooooo ssssssssssssssssssssssss hhhhhhhhhhhhhhhhhhhhhhhh
...the cost of RAM eclipse the cost of the rest of your PC by 20-fold or more
And that, my friends, is why you shouldn't buy Intel processors supporting DDR3 only (Core i7 or Nehalem-based Xeon). For large memory config, DDR2 is cheaper and motherboards with lots of slots are more common (try to find one with 32+ DDR3 slots: it does not exist !). Check this out: a config supporting 128GB at about 1/6th the cost of the one referenced in TFA ($50k):
2.) The components use more power at higher temperatures! This is from increased leakage currents in the silicon.
Below is a graph from Research My Startup company did!
http://www.silentcomputing.com/tech/market2.gif
May I point out the obvious: not only the higher power consumption comes from increased leakage currents in the silicon, but it also comes from the fact that power supplies are less efficient at higher temperatures, so they need to pull more current from the wall socket to maintain the same output current.
However what you and I just said is irrelevant. As your graph shows, the difference in power consumption is very minimal: 2% for each 10C due to leakage currents, and maybe ~5% for each 10C in decreased PSU efficiency. These few percentage points are nothing compared to the amount of power you would save by making the AC work less hard. Indeed, if without AC the datacenter would reach 140F (333 Kelvin), cooling it down to 60F (289 Kelvin) requires removing 44 Kelvin of heat, whereas cooling it down to 100F (311 Kelvin) only requires removing 22 Kelvin of heat, therefore running it at 100F would roughly reduce the AC power consumption by 50% ! So the point made by TFA still holds: overall you still are saving energy by running a whole datacenter at a 10C higher temperature.
As to the higher component failure rate: as it was proven by 2 independent studies last year (Google and CMU), higher temperatures do not even correlate with higher hdd failure rates. In fact, strangely they observed a slight reverse effect: hdd tended to fail less often !
Also, they made a couple mistakes. Firstly they used 75W Opterons (8350) instead of 50W ones like in my list above (8350 HE)
- pretty stupid considering their whole focus was to build a silent system ! Secondly instead of 10k RPM drives they should have
used SSDs which are much cheaper per IOPS. Thirdly since they didn't build it with more than 32GB RAM, why pick
an expensive mobo supporting 128GB ? They could have saved $400 by choosing one with fewer memory slots supporting "only" 64GB.
Slashdot Mirror
Exactly. Expensive watches or sunglasses are like jewelry. The functional purpose they serve --providing time or protecting eyes-- are only secondary to their primary purpose of being a symbol of status.
Actually no. All current public NTLM rainbow tables (freerainbowtables.com, schmoo tables, some chinese ones, etc) have been rendered useless with current generations of GPUs. To give you an example there is a small 50GB NTLM table out there for a keyspace than can be covered in less than 30sec by an HD 5870. Moreover NTLM passwords or hashes (plural) are not easy to crack with rainbow tables. The complexity to crack N passwords with rainbow tables is O(N) whereas a traditional bruteforcer will crack them in O(1). The reason is because a bruteforcer uses bloom filters or hashtables to match candidate hashes again any number of NTLM hashes in parallel without slowing down too much as the # of hashes increases. Therefore there is a tradeoff where if you have to crack more than a certain number of NTLM hashes, rainbow tables will be less efficient than a bruteforcer.
What could be useful is rainbow tables built by GPUs with parameters targeted for GPUs (in particular chain lengths of 1e5 or 1e6 or more). An acquaintance of mine is precisely working on such a project...
ighashgpu bruteforces Windows NTLM password hashes at a rate of 2.4 billion password/sec on a single GPU (HD 5870). What does this mean with respect to TFA and its measly "4 million/sec"?
Many of the discussions here completely miss the point that bruteforcing rates depend entirely on what is being bruteforced. For example if you look at JtR password hash bruteforcing benchmarks you can see rates with a Core i7 920 anywhere between a measly 758 password/sec (bcrypt) up to 14.6 million password/sec (LanMan). This spans 5 orders of magnitude! It's the same for encrypted files. For example PGP files encrypted with a symetric key issued from the Simple S2K mechanism can be bruteforced at millions of password/sec with a regular CPU, but this can drop to only a handful of password/sec if Iterated+Salted S2K was used with a decent S2K count...
Therefore all these discussions about whether "4 million/sec" is good/bad/improbable are completely irrelevant since the article is devoid of any info about what is being bruteforced.
The most well-know and probably most used RAID implementation, Linux software RAID, has been able to do #2 since 2006. It strikes me how few people know this. It is called reshaping (see mdadm --grow).
In all fairness to ZFS, it took Linux more than 10 years to implement reshaping (raid5 support was added around 1995-1996). ZFS has only been released for production use 3 years ago, in Solaris 10 6/06 "U2".
Imagine he amount of stuff you could (unreliably) store on a hard disk if massive de-duplication was built into the drive electronics.
Bad idea. Doing dedup in the drive electronics would:
As a crypto geek, I wanted to know more so I read the original post where "FloppusMaximus" disclosed the first key (for TI-83). It turns out that TI was using an RSA key of only 512 bits(!) This is extremely short: keys shorter than 1024 bits are considered unsafe, and in practice the largest semiprime ever factored was 663 bits (see RSA-200 challenge). Why was TI even using such small keys? It can't be cost, chips doing 1024-bit RSA cost less than $1. TI almost deserved what happened, if only to teach them a crypto lesson.
Yo bro, thanks for the tip bro. We'll do it this way next time. -Tomi
"Someone who is XY or XX" is also not well-defined. Mosaicism is a condition where an individual has some XY cells, and others XX. Where do you draw the line for the individual to be a male? Does "he" have to have 50+% XY cells, 90+%, 99+% ?
And what about the XYY syndrome? Some question whether the term "syndrome" is even appropriate because most individuals with XYY cells don't even know it as they appear to be regular healthy males. They don't have to take drugs, which defeats your first argument. Given that 1 in 1000 boys have this syndrome, it is probable that some athletes who won "male" competition have this syndrome. If we were to have these persons genetically tested today, would you retroactively strip them from their titles?
This whole male/female question is not as trivial as it looks like.
It cost $11.65/foot - probably a Monster Cable.
This lack of knowledge on /. is sickening. Not only a single SSD already almost saturates a SATA 3.0Gbps link (300MB/s with 8b-10b encoding), but even regular hard drives do. Transfers to/from the on-disk buffer chips are bottlenecked by the 300MB/s speed. And SATA enclosures placing multiple (3 or more) drives behind a SATA port multiplier also easily saturate SATA 3.0Gbps links (the sequential read speed of a 1TB Seagate 7200.11 is 120MB/s, so 3 of them do 360MB/s).
...54% of the fatal accidents (total pilot error + other human error, 2000s), then logically I would say, yes I would rather trust the autopilot in an emergency situation.
With today's telescopes like the VLT with a resolution of around 1 milliarcsecond, equivalent to the distance between the headlights on a car at the distance of the Moon, wouldn't it be possible to take a picture of one of the numerous lander on the Moon ? Seems like they are slightly bigger than a car, so they would appear as 1 or 2 pixels on a shot taken from such a telescope...
This is not what you think it is. What they mean by that term is they support rainbow tables. This is a time-memory trade-off that is very useful to crack non-salted hashes like Windows's standard NTLM hashes.
$WITTY_COMMENT_THAT_WILL_BE_MODDED_PLUS5FUNNY_EVEN_ THOUGH_THE_CONTENT_OF_THIS_VARIABLE_IS_UNKNOWN_TO_THE_READER
(Note to lameness filter: I hate you. Why do you force me to ruin my posts ?)
Everybody misses an important point in that story: the fact the student had to repeatedly introduce the phony quote in the article and barely succeeded in having it live for more than 24 hours demonstrates that wikipedia is pretty good at self-correcting itself !
The size of your mom.
Ok. That was easy.
Why so much controversy about the limitation to 3 apps ? This is perfect for a typical Windows user who needs an anti-virus, a firewall, and a pop-up blocker. There you have it !
So just because the stock market crashed, every CEO should accept to sell their company for a fraction of their market cap before the crash ? Riiight.
So you mean like: wwwwwwwwwwwwwwwwwwwwww hhhhhhhhhhhhhhhhhhhh ooooooooooooooooooooooo ooooooooooooooooooooooooo OOOOOOOOOOOOOOOOOOOOOOO ooooooooooooooooooooo ssssssssssssssssssssssss hhhhhhhhhhhhhhhhhhhhhhhh
Hello fellow slashdoters. I was offline yesterday (power outage). Did I miss any particularly interesting /. stories posted yesterday ? Hope not.
The same prices can be found at dozen of other etailers. It is that cheap.
And that, my friends, is why you shouldn't buy Intel processors supporting DDR3 only (Core i7 or Nehalem-based Xeon). For large memory config, DDR2 is cheaper and motherboards with lots of slots are more common (try to find one with 32+ DDR3 slots: it does not exist !). Check this out: a config supporting 128GB at about 1/6th the cost of the one referenced in TFA ($50k):
Help ! When I try it I keep getting discon
May I point out the obvious: not only the higher power consumption comes from increased leakage currents in the silicon, but it also comes from the fact that power supplies are less efficient at higher temperatures, so they need to pull more current from the wall socket to maintain the same output current.
However what you and I just said is irrelevant. As your graph shows, the difference in power consumption is very minimal: 2% for each 10C due to leakage currents, and maybe ~5% for each 10C in decreased PSU efficiency. These few percentage points are nothing compared to the amount of power you would save by making the AC work less hard. Indeed, if without AC the datacenter would reach 140F (333 Kelvin), cooling it down to 60F (289 Kelvin) requires removing 44 Kelvin of heat, whereas cooling it down to 100F (311 Kelvin) only requires removing 22 Kelvin of heat, therefore running it at 100F would roughly reduce the AC power consumption by 50% ! So the point made by TFA still holds: overall you still are saving energy by running a whole datacenter at a 10C higher temperature.
As to the higher component failure rate: as it was proven by 2 independent studies last year (Google and CMU), higher temperatures do not even correlate with higher hdd failure rates. In fact, strangely they observed a slight reverse effect: hdd tended to fail less often !
Also, they made a couple mistakes. Firstly they used 75W Opterons (8350) instead of 50W ones like in my list above (8350 HE) - pretty stupid considering their whole focus was to build a silent system ! Secondly instead of 10k RPM drives they should have used SSDs which are much cheaper per IOPS. Thirdly since they didn't build it with more than 32GB RAM, why pick an expensive mobo supporting 128GB ? They could have saved $400 by choosing one with fewer memory slots supporting "only" 64GB.