• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

NVIDIA GeForce Password Cracker

FrgMstr

FrgMstr

Just Plain Mean
Staff member
2FA
Joined
May 18, 1997
Messages
58,080
When your old crackers just are not as crispy as you like those, what it is time to do? Get new crackers of course. Black Hill Information Security outlines a project for all of you folks needing crispier crackers, and they use a bevy of GTX 1080 Ti and 1070 Ti video cards. Thanks JW.


Combined, our password cracking/hashing capability just topped 327GH/sec for NTLM hashes. That’s 327,000,000,000 password attempts per second. Not bad if comparing our investment to the $21,000 Brutalis that has been seeing 334 GH/sec.
 
Great. Not enough that we have to deal with cryptocrazies buying all the video cards,....now this. Sheesh.

How about we create a demaand for graphics using doing,.......graphics?!?!?! Oh,..wait,....<sigh>
 
Last edited:
Wow. I have two GTX 1080 Ti cards. Good thing I'm not a hacker. That's nuts.

Apparently this is the danger of quantum computing. A quantum computer could hack everything instantly apparently.
 
BSmith said:
Great. Not enough that we have to dea with cryptocrazies buying all the video cards,....now this. Sheesh.

How about we create a demaand for graphics using doing,.......graphics?!?!?! Oh,..wait,....<sigh>
Click to expand...

The line between professional and consumer cards has become too blurred. It's driving consumer prices up and professional prices ....up....

Of course I don't doubt for half a second that we've been dealing with manufactured shortages and simply blaming bitcoiners. I'm told bitcoin has been sinking right back down to where it came from (I don't follow it) yet a GTX 1080 Ti is still $800.

Vega 64 seems to be coming down, I grabbed mine used from a forum for $425 with a block.. Not happy about that pricetag but it's a good card. I think I should have just grabbed a 1060 6GB for $279 on newegg and called it a day. I don't even care for maxed out graphics anymore, too much detail for my half blind eyes.
 
SickBeast said:
Apparently this is the danger of quantum computing. A quantum computer could hack everything instantly apparently.
Click to expand...

And an infinite number of monkeys in a room with an infinite number of typewriters could instantly recreate the entire works of Shakespeare.
 
I'm so glad I pl@y old games like cod1, cod2, coduo, cod4mw1, codwaw with my hope to be going on from 4/6/2015 my MSI GeForce GTX 960 DirectX 12 GTX 960 2GD5 don't break down as in fan failure.
 
SickBeast said:
Apparently this is the danger of quantum computing. A quantum computer could hack everything instantly apparently.
Click to expand...

Not even close. At best, quantum computing can operate as a rough equivalent of a non-deterministic Turing machine, allowing it to solve NP-hard problems in polynomial resources (that's what NP-hard means: the problem is so hard that a Non-deterministic Turing machine would take usually require resources (time, memory, compute elements) proportional to some Polynomial of the input size to solve the problem.) In contrast, computers equivalent to deterministic Turing machines (which is just about all of them) might require Exponential resources, which is much much more for large input sizes. Note that input size is usually measured in bits.

And that's if they ever figure out how to apply quantum computing to password cracking.

There's a simple rule here that applies: if it seems like magic, it's probably not true. The universe is loathe to provide a free lunch.
 
Zarathustra[H] said:
Brute force password methods like these are easily defeated. Just enforce a wait period between each attempt and a timeout after 3 fails.

Fail2Ban
Click to expand...

That works for a website that someone doesn't have the hash of the password. You are not going to get those numbers anyway over a network connection, that's on local disk numbers when someone has a file that's encrypted or has a hash for a password they need to discover.
 
Parja said:
And an infinite number of monkeys in a room with an infinite number of typewriters could instantly recreate the entire works of Shakespeare.
Click to expand...
The universe is large and old (and there may be a lot of them) so this has probably already happened, somewhere.
But we'll never know, if it happened outside the small portion of the universe we can observe.
 
Nv still has a long way to go to be a hash cracker "king" this is something AMD/Radeon have been champs at for a VERY long time, part of the reason that Radeons are also brutally effective crypto miners, sure they may use more power on average than "some" Ngreedia cards, but they absolutely have the engine to back up the fuel consumption as well, whereas Nv has had to resort to parlour tricks to "have the edge"
 
Far from a scientist here but I do try to keep up...

My understanding of the quantum computing/encryption issue is that quantum system operate more in amplitudes/probability than absolutes, which changes how you can work on the data. In other words a deterministic system has to follow discreet logical steps to go from A to B, and once at B can not go back due to lack of information, by design, on how to do so correctly. Thus to break encryption classically, you have to just try every possible A and see which one results in B. A quantum mechanical system working in amplitudes can, given a good understanding of the hash function, go from B to A as easily as A to B. Rather than stepping through the logical operations like a deterministic system does, a quantum system takes one step, from input amplitude to output amplitude, or vice versa if you design it backwards.

Don't quote me on this or you will almost certainly fail all of your classes.
 
I used to dabble in wireless security for fun at home -- I remember a piece of software from Elcomsoft that did something very similar. The cool part? You could link all the nvidia cards across your network to crack as one unit against hashed WPA2 passwords or whatever you choose.

Was quite fun/interesting what you could accomplish with 22 GPU's cooking in your home :)
 
collegeboy69us said:
I used to dabble in wireless security for fun at home -- I remember a piece of software from Elcomsoft that did something very similar. The cool part? You could link all the nvidia cards across your network to crack as one unit against hashed WPA2 passwords or whatever you choose.

Was quite fun/interesting what you could accomplish with 22 GPU's cooking in your home :)
Click to expand...

I think you'll hit a limit with WPA2, as the 4 way handshake will be the limiting factor. (makes me want to try it damn lol)
 
I remember people were uploading their password cracker programs to to amazon cloud, running it on the beefiest instance which gave them access to huge computing power, then once the password is cracked, just winding down the instance. Not sure if this is still viable or not, I guess it depends on the complexity.
 
BlueFireIce said:
That works for a website that someone doesn't have the hash of the password. You are not going to get those numbers anyway over a network connection, that's on local disk numbers when someone has a file that's encrypted or has a hash for a password they need to discover.
Click to expand...

Or you know from a corporate sabotage mindset. Lets say you steal a geologists hard drive (laptop). That drive encrypted on the black market in 1998 was worth over 100 thousand. NOW if a somewhat savvy criminal can brute force the decryption key in a matter of hours/days that value can be determined AND potentially FAR more valuable.

So now we are going to need private cloud stored backups, self destructing data/drives at the hardware level that have the intelligence built into them to do this without instruction and a failure attempt of x that can't be bypassed with software or easy modification trickery. (Oh here's the security circuit. Lets just kill that and work on breaking that hash value.)

This one is a bit of a head scratcher. We will either need always connected powerful devices for people with secure data that use a random generated synced hash to connect to a secure facility hosting a private backup cloud to sync data and remove it from the portable device irrevocably.
 
Your chances of quantum computer output in regards to cracking a password are as likely to be correct as to be wrong in my understanding.

Given enough guideline rules of course that chance of being correct increases.

8 characters.
At least one special characters of !@#$%^&*()
At least one numeric character
Can not end or begin with a number or special character
Password can not contain a string matching a previous password of more than 3 characters.

All of these hard and fast rules make it only easier for a Quantum computer to crack a password. (or this brute force method.)

Now companies will have these rules on their sites for passwords, and then through another communication to active users only the ACTUAL password rules that are different. Of course this will confuse the eff out of a lot of users.
 
You must log in or register to reply here.
Back
Top