Skip navigation

software makes

warning: Creating default object from empty value in /var/www/vhosts/ on line 33.
Original author: 
Dan Goodin

Thanks to the XKCD comic, every password cracking word list in the world probably has correcthorsebatterystaple in it already.

Aurich Lawson

In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.

Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail Iron Chef style. The results, to say the least, were eye opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered.

The list contained 16,449 passwords converted into hashes using the MD5 cryptographic hash function. Security-conscious websites never store passwords in plaintext. Instead, they work only with these so-called one-way hashes, which are incapable of being mathematically converted back into the letters, numbers, and symbols originally chosen by the user. In the event of a security breach that exposes the password data, an attacker still must painstakingly guess the plaintext for each hash—for instance, they must guess that "5f4dcc3b5aa765d61d8327deb882cf99" and "7c6a180b36896a0a8c02787eeafb0e4c" are the MD5 hashes for "password" and "password1" respectively. (For more details on password hashing, see the earlier Ars feature "Why passwords have never been weaker—and crackers have never been stronger.")

Read 52 remaining paragraphs | Comments

Your rating: None

These days there are so many handheld devices available that allow you to play games on the move - small and large, cheap and expensive, buttons and touch - that it's a challenge to stand out from the crowd. Where do you put your focus? Judging by a fortnight with PlayStation Vita, even Sony's hardware designers couldn't make their minds up about that, because the initial impression is that they threw everything at the wall and everything stuck. The result is a handheld that can do pretty much anything. The good news for hardcore gamers is that in amongst all of that functionality are a few things that could - if the software follows - make this the best gaming portable ever.

PlayStation Vita isn't going to infest the world like iPad did two years ago, but it faces the same scepticism - that Sony is answering a question no one's asked. Apple's tablet quickly rose to that challenge by seeping into the gaps between other devices to become the best at things we forgot we wanted, and gamers may discover that Vita pulls a similar trick. Now you can sit on a train playing a new Uncharted adventure and it looks almost as good as the one at home, and crucially it feels the same.

"We need that second analogue stick - something that even Nintendo has belatedly acknowledged with its revisions to the 3DS - and it's here at last."

Read more…

Your rating: None