They don't even use a salt? or a KDF? seriously people....

Another back and forth?

According to the experts at XS, it looks like write endurance isn't a problem, random failures due to firmware may be a bigger issue.

Wow you really know nothing about encryption. Sigh.. Everyone is an expert. Zdnet looked at ighashgpu that's unsalted password decryption when you already have a precomputed hash table. TH looked at salted password decryption where you have to perform a SHA-1 transformation invocation thousands of times per every password attempt.

Yes, because in this case the end result was just as bad!

Amen

Right... except that anyone who has a desktop gaming system can do what TH did. It's not like they had a supercomputer.

They did this on a desktop gaming system. It wasn't a supercomputer.

rainbow tables only work on unsalted passwords. These were used by microsoft for 'lan' style passwords. IIRC, vista and win7 don't use these. And if you use a 14 character password or longer, even windows xp disables the lan encryption. Your rainbow tables are effectively useless against aes-128, aes-256, and even des. They simply precompute password hashes, and generating the tables takes quite a long time. Using rainbow tables has nothing to do with gpu acceleration.

No. Zdnet used ighashgpu. That's a hash cracker. WinZip and WinRAR encyption is different because it's based on precomputed password hashes. It looks like TH used AccentZip and AccentWinRAR to decrypt passwords.All three programs are created by Ivan Golubev. His blog is full of posts on cryptography performance.

but isn't every new password that you're trying technically different?

Interesting article, but I wonder if CPUs are only slower at brute-force attacks because there haven't been new optimized programs.