Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Submission + - New John the Ripper Cracks Passwords on FPGAs

solardiz writes: John the Ripper is the oldest still evolving password cracker program (and Open Source project), first released in 1996. John the Ripper 1.9.0-jumbo-1, which has just been announced with a lengthy list of changes, is the first release to include FPGA support (in addition to CPU, GPU, and Xeon Phi). This is a long-awaited (or long-delayed) major release, encompassing 4.5 years of development and 6000+ commits by 80+ contributors. From the announcement:

"Added FPGA support for 7 hash types for ZTEX 1.15y boards [...] we support: bcrypt, descrypt (including its bigcrypt extension), sha512crypt & Drupal7, sha256crypt, md5crypt (including its Apache apr1 and AIX smd5 variations) & phpass. As far as we're aware, several of these are implemented on FPGA for the very first time. For bcrypt, our ~119k c/s at cost 5 in ~27W greatly outperforms latest high-end GPUs per board, per dollar, and per Watt. [...] We also support multi-board clusters (tested [...] for up to 16 boards, thus 64 FPGAs, [...] on a Raspberry Pi 2 host)."

Comment more than one solution fits the problem (Score 2) 899

How about requiring physical interaction? This would resolve the security issues without harming our right to modify our own hardware.

At first, I thought about some kind of "while rebooting, press and hold Scroll Lock to allow the install", but the keyboard is driven by low-level I/O firmware, so that's out.

Then I thought that a physical button would be good, but the scammers could fool Grandma into pushing it "to protect your PC!"

How about a jumper that, while open, does a one-time skip of the UEFI enforcement, and prompts you to sign the new UEFI yourself?

This solution fits the problem -- without unduly interfering with our ownership rights. It's a pain for a newbie to crack the case, but maybe that would be educational, too.

Comment Re:Where.. (Score 1) 1140

Columns that adjust based on screen width? Other than < IE9, they're already here. It's called responsive enhancement.

It's not built into CSS (which you are pining for), but it's quite elegant - switching CSS based on media queries. Change the width one of the sample pages in different browsers and watch how the layout changes and images change size. Pretty slick.

Short URL for spreading the word: http://xrl.us/respenh

Comment Re:His Master's Voice (Score 1) 1015

So tell me, when you're "simply looking for more resources to exploit" where do you start?
Looking at those around you who have the resources you need or building a spaceship capable of intergalactic travel and also locating out of the universe a planet that might have the same resources you need?

Aliens wouldn't have to gear up for the express purpose of pillaging the galaxy.

They could have developed their space-facing and resource-detecting technologies during a period of relative prosperity. But when their circumstances took a turn for the worse, that same tech could be used for non-peaceful purposes -- an instant Li'l Intergalactic Raider kit.

And what makes Earth so automatically special about our resources?

Two words: dilithium crystals.

An alien civilization might be able to synthesize "tea, Earl Grey, hot" -- but still need to mine/grow/breed trickier-to-synthesize stuff. And that stuff might be abundant on Earth, but rare in other parts of the universe. We might have no clue that our planet is chock full of Unobtainium.

Man's "unripe gold" could be a G'Gugvuntt's platinum.

Slashdot Top Deals

Doubt is a pain too lonely to know that faith is his twin brother. - Kahlil Gibran

Working...