Author Topic: Yahoo hacked, 450,000 passwords posted online  (Read 1415 times)

0 Members and 1 Guest are viewing this topic.

Offline Justin Kissel

  • •|•|•
  • Protospatharios
  • ****************
  • Posts: 31,761
Yahoo hacked, 450,000 passwords posted online
« on: July 12, 2012, 05:28:30 PM »
Yahoo hacked, 450,000 passwords posted online

Hackers posted online what they say is login information for more than 450,000 Yahoo users.
 
The hack, which of course was conducted anonymously, was meant to be a warning, according to the Web page where the documents were dumped...
"My doubt in Christ is not like that of a child; it was forged in a furnace of faith." - Dostoevsky

Offline Justin Kissel

  • •|•|•
  • Protospatharios
  • ****************
  • Posts: 31,761
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #1 on: July 12, 2012, 05:30:52 PM »
Quote
Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!
"My doubt in Christ is not like that of a child; it was forged in a furnace of faith." - Dostoevsky

Offline PeterTheAleut

  • The Right Blowhard Peter the Furtive of Yetts O'Muckhart
  • Section Moderator
  • Hypatos
  • *****
  • Posts: 34,191
  • Lord, have mercy on the Christians in Mosul!
  • Faith: Orthodox Christian
  • Jurisdiction: Orthodox Church in America
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #2 on: July 12, 2012, 05:39:11 PM »
Quote
Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!
Well, DUHHH! :P
Not all who wander are lost.

Offline vamrat

  • Vamratoraptor
  • Merarches
  • ***********
  • Posts: 8,441
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #3 on: July 12, 2012, 05:41:18 PM »
Quote
Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

I need to change the password on my luggage! 
Das ist des Jägers Ehrenschild, daß er beschützt und hegt sein Wild, weidmännisch jagt, wie sich’s gehört, den Schöpfer im Geschöpfe ehrt.

Offline Cognomen

  • Site Supporter
  • OC.net guru
  • *****
  • Posts: 1,971
  • Ungrateful Biped
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #4 on: July 12, 2012, 05:49:13 PM »
Quote
Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

I need to change the password on my luggage!  

 :laugh: :laugh: :laugh:

« Last Edit: July 12, 2012, 05:49:52 PM by Cognomen »
North American Eastern Orthodox Parish Council Delegate for the Canonization of Saints Twin Towers and Pentagon, as well as the Propagation of the Doctrine of the Assumption of Malaysia Airlines Flight MH370 (NAEOPCDCSTTPPDAMAFM®).

Offline Quinault

  • Protokentarchos
  • *********
  • Posts: 4,518
  • What about frogs? I like frogs!
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #5 on: July 12, 2012, 05:56:10 PM »
Everyone needs to have capital, lowercase, numbers and symbols in a password to make it secure.

Offline PeterTheAleut

  • The Right Blowhard Peter the Furtive of Yetts O'Muckhart
  • Section Moderator
  • Hypatos
  • *****
  • Posts: 34,191
  • Lord, have mercy on the Christians in Mosul!
  • Faith: Orthodox Christian
  • Jurisdiction: Orthodox Church in America
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #6 on: July 12, 2012, 07:43:28 PM »
Everyone needs to have capital, lowercase, numbers and symbols in a password to make it secure.
Well, no password is perfectly secure, but people do need to follow this advice to make their passwords as strong as they can be.
Not all who wander are lost.

Offline Quinault

  • Protokentarchos
  • *********
  • Posts: 4,518
  • What about frogs? I like frogs!
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #7 on: July 12, 2012, 07:54:48 PM »
My husband had to learn to crack that stuff while working MI.

Even just doing Pa$sW0Rd is better than password or PASSWORD
« Last Edit: July 12, 2012, 07:55:15 PM by Quinault »

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #8 on: July 12, 2012, 07:59:20 PM »
You can hack into my account if you want. Password is : ilovevamrat
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #9 on: July 13, 2012, 11:32:16 PM »
Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))
« Last Edit: July 13, 2012, 11:33:10 PM by yeshuaisiam »
I learned how to be more frugal and save money at http://www.livingpress.com

Offline dcommini

  • Tha mi sgulan na Trianaid
  • OC.net guru
  • *******
  • Posts: 1,208
  • Beannachd Dia dhuit
    • Life of an Orthodox Soldier
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #10 on: July 13, 2012, 11:42:46 PM »
I don't even need a quick processor to sniff secure packets, I can do tthat right now legally with free software.And WPA2 has been cracked now as well so with the right OS you can hack into wireless and grab free internet...




Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))
N/OblSB

Gun cuireadh do chupa thairis le slàinte agus sona - May your cup overflow with health and happiness
Check out my blog...

Offline Justin Kissel

  • •|•|•
  • Protospatharios
  • ****************
  • Posts: 31,761
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #11 on: July 13, 2012, 11:50:58 PM »
GiC? Is that you?
"My doubt in Christ is not like that of a child; it was forged in a furnace of faith." - Dostoevsky

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #12 on: July 13, 2012, 11:58:18 PM »

I don't even need a quick processor to sniff secure packets, I can do tthat right now legally with free software.And WPA2 has been cracked now as well so with the right OS you can hack into wireless and grab free internet...




Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))

Yes WPA2 is cracked and you can sniff packets.  But WPA2 is mostly cracked through testing dictionaries against it from a handshake packet between AP and client.

What I'm talking about is bruteforcing WPA encryption with randomness only taking a short time (depending on password strength and length).  Typically right now, with only a cpu processor (even some of the latest) 15,000 keys a second is about the maximum.   With the GPU hacks, and 4 video cards piggybacked, I saw 1 million a second.   Amazing speeds...   I think there are some youtube vids going 120,000/sec.

What I am talking about is being able to pop an WPA/WPA2 encryption in seconds, then capture packets and getting every handshake and https security.  (logins, banks, stores etc.)   When GPUS get that fast, we may see some very messed up stuff.

To sniff a secure packet will do no good, unless you get the encryption handshakes (and security certificate) for https which would be behind WPA/WPA2 encryption. 

But we are talking of something now that would take a VERY long time to do and you could make a lot more money than probably in their bank account...  But when you can pop in minutes/seconds.... it's gonna get crazy.
« Last Edit: July 14, 2012, 12:03:33 AM by yeshuaisiam »
I learned how to be more frugal and save money at http://www.livingpress.com

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #13 on: July 14, 2012, 01:07:40 AM »
Wow, I'm coming to Yesh for all of my encryption needs now.

Just a quick question, while we are on the topic of WPA, what's the best router I can buy?
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline ironchapman

  • A bull of truth in the china shop of falsehoods.
  • High Elder
  • ******
  • Posts: 792
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #14 on: July 14, 2012, 01:22:00 AM »
"The whole problem with the world is that fools and fanatics are always so certain of themselves, and wiser people so full of doubts." --Bertrand Russell

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #15 on: July 14, 2012, 01:27:55 AM »
And now "J4fS<2" becomes the most used Yahoo password.
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline Quinault

  • Protokentarchos
  • *********
  • Posts: 4,518
  • What about frogs? I like frogs!
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #16 on: July 14, 2012, 03:44:33 AM »
I already changed my password.

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #17 on: July 14, 2012, 11:08:24 PM »
Wow, I'm coming to Yesh for all of my encryption needs now.

Just a quick question, while we are on the topic of WPA, what's the best router I can buy?

Best within most end user costs?

I'd go on Ebay and get a Buffalo WHR-HP-G54 router.   Flash it with DD-WRT firmware.   Very powerful.  It is not N compatible but the range on those are insane.
I learned how to be more frugal and save money at http://www.livingpress.com

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #18 on: July 14, 2012, 11:11:28 PM »
You know I don't need a wireless signal at all. I hardwire everything.

So I guess mentioning WPA is pointless.

If I use the ethernet ports on the back of the router, would I need something so high end as the Buffalo router?
« Last Edit: July 14, 2012, 11:14:15 PM by Achronos »
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #19 on: July 14, 2012, 11:20:42 PM »
You know I don't need a wireless signal at all. I hardwire everything.

If that's the case any 100mbit router is probably fine.  If you got the bucks, go with a 1000mbit for extra joy. :)

I also forgot to mention, if you have a 2WIRE based router from AT&T, the default wifi password is a 10 digit numerical string of numbers.   Those are major targets for WPA cracks.

If your security is WEP encryption, I kid you not, I could be in your router in under 1 minute.  It's a matter of a fake authorization and capturing weak IV's based on fake ARP requests.  All logged then cracked.   Very fast to beat WEP.

Besides the farm, I work with network auditing for a living.   
yes it is kind of a contrast LOL.
Hmmm... Then again...
So is Orthodoxy and Anabaptist....
wait....
I advocate peace and non-resistance then I have a bunch of guns...
and...
I advocate the canons, am avidly against Orthodox change of any kind, then I have my "questions"....
 ???
I'm Schizophrenic and so am I.
I learned how to be more frugal and save money at http://www.livingpress.com

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #20 on: July 14, 2012, 11:23:15 PM »
You definitely are a mess of contradictions yesh, LOL. But seriously, thanks for the info, I'm going for the 1000mbit one for sure, but probably wholly unneccessary right? I mean I can only get a max of 100mbps download speed with Comcast.

But hey, future proof...
« Last Edit: July 14, 2012, 11:23:24 PM by Achronos »
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #21 on: July 15, 2012, 12:03:13 AM »
You definitely are a mess of contradictions yesh, LOL. But seriously, thanks for the info, I'm going for the 1000mbit one for sure, but probably wholly unneccessary right? I mean I can only get a max of 100mbps download speed with Comcast.

But hey, future proof...

100mbps is probably way faster than your Comcast. (most likely)

remember that they are also speaking in Mega-bits not Megabytes.   A byte is 8 bits.   So basically you have to take 100,000,000 bits, divided by 8 to get bytes.  Which is 12,500,000 bytes per second max.   So 1048576 bytes is in a Megabyte.  So roughly your download on comcast would have to be over 11.92 Megabytes a second before that router would be too slow.

so 1000 mbit routers are super fast, but won't improve your internet speed.

MANY comcast connections are 1 meg or under for reasonably priced home internet connections (many are 500k which is half a megabyte).  So any 100mbit router should be fine.
« Last Edit: July 15, 2012, 12:04:37 AM by yeshuaisiam »
I learned how to be more frugal and save money at http://www.livingpress.com

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #22 on: July 15, 2012, 12:06:05 AM »
Sorry I assumed you mis-typed that.

What's fiber optic speeds running these days? Surely circles around broadband right?
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan

Offline yeshuaisiam

  • Protokentarchos
  • *********
  • Posts: 4,697
  • A pulling horse cannot kick.
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #23 on: July 15, 2012, 10:50:24 AM »
Sorry I assumed you mis-typed that.

What's fiber optic speeds running these days? Surely circles around broadband right?

They are insanely fast but the issue with fiber optics for an end user like you and me is that they are so fast that your hard drive can't write as fast as they can copy LOL.

For instance, if you were downloading off a fiber pipe to the internet, from another fiber optic pipe, the connection would slow because most hard drives can't physically write that quickly.  There are solid state storage drives today that are pretty fast, but still you would be dealing with the I/O speeds and capabilities & cache on your motherboard.

But really, all things considered, if you want a super fast connection, 1 meg a second at home is VERY quick.   You can download a full iso of something like a CD (copyright free or freeware of course) that is 700 megs, and be done in about 700 seconds.   Not shabby at all.    A full DVD at 4.7 gigs would be under an hour (again copyright free of course ;) )

After those speeds the connections start getting pretty pricey, often much more than people are willing to spend just to save a few minutes off an occasional transfer.
I learned how to be more frugal and save money at http://www.livingpress.com

Offline Shiny

  • Site Supporter
  • Toumarches
  • *****
  • Posts: 13,267
  • Paint It Red
Re: Yahoo hacked, 450,000 passwords posted online
« Reply #24 on: August 02, 2012, 01:19:24 PM »
“There is your brother, naked, crying, and you stand there confused over the choice of an attractive floor covering.”

– St. Ambrose of Milan