Yahoo hacked, 450,000 passwords posted online

[Asteriktos]

Yahoo hacked, 450,000 passwords posted online

Hackers posted online what they say is login information for more than 450,000 Yahoo users.
 
The hack, which of course was conducted anonymously, was meant to be a warning, according to the Web page where the documents were dumped...

[Asteriktos]

Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

[PeterTheAleut]

Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

Well, DUHHH!

[vamrat]

Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

I need to change the password on my luggage! 

[Cognomen]

Sequential lists of numbers, like "12345," were used 2,295 times, and "password" was used 780 times, out of the 450,000 passwords.

That's the kind of thing an idiot would have on his luggage!

I need to change the password on my luggage!  

 

[Quinault]

Everyone needs to have capital, lowercase, numbers and symbols in a password to make it secure.

[PeterTheAleut]

Everyone needs to have capital, lowercase, numbers and symbols in a password to make it secure.

Well, no password is perfectly secure, but people do need to follow this advice to make their passwords as strong as they can be.

[Quinault]

My husband had to learn to crack that stuff while working MI.

Even just doing Pa$sW0Rd is better than password or PASSWORD

[Achronos]

You can hack into my account if you want. Password is : ilovevamrat

[yeshuaisiam]

Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))

[dcommini]

I don't even need a quick processor to sniff secure packets, I can do tthat right now legally with free software.And WPA2 has been cracked now as well so with the right OS you can hack into wireless and grab free internet...

Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))

[Asteriktos]

GiC? Is that you?

[yeshuaisiam]

I don't even need a quick processor to sniff secure packets, I can do tthat right now legally with free software.And WPA2 has been cracked now as well so with the right OS you can hack into wireless and grab free internet...

Dunno how much any of you know about computers/hacking.....

I witnessed 4 video cards running John the ripper dumping passwords into a crack.   (Video card processors are faster).

This thing was doing 1 million keys a second.    I started doing some math...
Typically processors double in speed every 18 months.  So in 6 years we could be talking 8 million keys a second.  Two computers together 16 million, three 24 million, four 32 million (you get the point).

We are in deeeeeeeeeep deeeeeeep trouble guys.  You are going to have people grabbing encrypted wpa packets out of the air who can pop the wpa encryption and sniff encrypted connections (yes even under 128 bit).   With a good sniffer and antenna, people will be able to capture all TX & RX transmissions from AP to wifi MAC.   We are gonna see a STORM of craziness because people are going to have to have passwords that are "human like" that we can remember.  But all of those are weak.  To be semi protected  you'll have to be like:

sI*kd&@3vv82Kif)**7%#d1335ifso!!3

People are not gonna keep up with processing speed of these cracks.   I never dreamed in my younger hack days I'd be living to see 32 million keys tested per second!   Hopefully some guy with some spare bucks will set it up.

Wow in 1 single minute its almost 2 trillion keys.   1 hour 120 trillion keys.  1 day almost 3 quadrillion keys.   Now that's a lot of keys.  LOL  I think we are all going to get messed up from that stuff.   I can't even imagine what will be in 20 years from now.  (that is if processors keep up their rate)
Estimate (20 years at processor doubling 18 months, near 384 quadrillion keys per day (utilizing GPU & CPU speed as well))

Yes WPA2 is cracked and you can sniff packets.  But WPA2 is mostly cracked through testing dictionaries against it from a handshake packet between AP and client.

What I'm talking about is bruteforcing WPA encryption with randomness only taking a short time (depending on password strength and length).  Typically right now, with only a cpu processor (even some of the latest) 15,000 keys a second is about the maximum.   With the GPU hacks, and 4 video cards piggybacked, I saw 1 million a second.   Amazing speeds...   I think there are some youtube vids going 120,000/sec.

What I am talking about is being able to pop an WPA/WPA2 encryption in seconds, then capture packets and getting every handshake and https security.  (logins, banks, stores etc.)   When GPUS get that fast, we may see some very messed up stuff.

To sniff a secure packet will do no good, unless you get the encryption handshakes (and security certificate) for https which would be behind WPA/WPA2 encryption. 

But we are talking of something now that would take a VERY long time to do and you could make a lot more money than probably in their bank account...  But when you can pop in minutes/seconds.... it's gonna get crazy.

[Achronos]

Wow, I'm coming to Yesh for all of my encryption needs now.

Just a quick question, while we are on the topic of WPA, what's the best router I can buy?

[ironchapman]

You can check if your password was hacked here:

http://www.pbs.org/newshour/rundown/2012/07/check-whether-your-yahoo-password-was-hacked.html

[Achronos]

And now "J4fS<2" becomes the most used Yahoo password.

[Quinault]

I already changed my password.

[yeshuaisiam]

Wow, I'm coming to Yesh for all of my encryption needs now.

Just a quick question, while we are on the topic of WPA, what's the best router I can buy?

Best within most end user costs?

I'd go on Ebay and get a Buffalo WHR-HP-G54 router.   Flash it with DD-WRT firmware.   Very powerful.  It is not N compatible but the range on those are insane.

[Achronos]

You know I don't need a wireless signal at all. I hardwire everything.

So I guess mentioning WPA is pointless.

If I use the ethernet ports on the back of the router, would I need something so high end as the Buffalo router?

[yeshuaisiam]

You know I don't need a wireless signal at all. I hardwire everything.

If that's the case any 100mbit router is probably fine.  If you got the bucks, go with a 1000mbit for extra joy.

I also forgot to mention, if you have a 2WIRE based router from AT&T, the default wifi password is a 10 digit numerical string of numbers.   Those are major targets for WPA cracks.

If your security is WEP encryption, I kid you not, I could be in your router in under 1 minute.  It's a matter of a fake authorization and capturing weak IV's based on fake ARP requests.  All logged then cracked.   Very fast to beat WEP.

Besides the farm, I work with network auditing for a living.   
yes it is kind of a contrast LOL.
Hmmm... Then again...
So is Orthodoxy and Anabaptist....
wait....
I advocate peace and non-resistance then I have a bunch of guns...
and...
I advocate the canons, am avidly against Orthodox change of any kind, then I have my "questions"....
 
I'm Schizophrenic and so am I.

[Achronos]

You definitely are a mess of contradictions yesh, LOL. But seriously, thanks for the info, I'm going for the 1000mbit one for sure, but probably wholly unneccessary right? I mean I can only get a max of 100mbps download speed with Comcast.

But hey, future proof...

[yeshuaisiam]

You definitely are a mess of contradictions yesh, LOL. But seriously, thanks for the info, I'm going for the 1000mbit one for sure, but probably wholly unneccessary right? I mean I can only get a max of 100mbps download speed with Comcast.

But hey, future proof...

100mbps is probably way faster than your Comcast. (most likely)

remember that they are also speaking in Mega-bits not Megabytes.   A byte is 8 bits.   So basically you have to take 100,000,000 bits, divided by 8 to get bytes.  Which is 12,500,000 bytes per second max.   So 1048576 bytes is in a Megabyte.  So roughly your download on comcast would have to be over 11.92 Megabytes a second before that router would be too slow.

so 1000 mbit routers are super fast, but won't improve your internet speed.

MANY comcast connections are 1 meg or under for reasonably priced home internet connections (many are 500k which is half a megabyte).  So any 100mbit router should be fine.

[Achronos]

Sorry I assumed you mis-typed that.

What's fiber optic speeds running these days? Surely circles around broadband right?

[yeshuaisiam]

Sorry I assumed you mis-typed that.

What's fiber optic speeds running these days? Surely circles around broadband right?

They are insanely fast but the issue with fiber optics for an end user like you and me is that they are so fast that your hard drive can't write as fast as they can copy LOL.

For instance, if you were downloading off a fiber pipe to the internet, from another fiber optic pipe, the connection would slow because most hard drives can't physically write that quickly.  There are solid state storage drives today that are pretty fast, but still you would be dealing with the I/O speeds and capabilities & cache on your motherboard.

But really, all things considered, if you want a super fast connection, 1 meg a second at home is VERY quick.   You can download a full iso of something like a CD (copyright free or freeware of course) that is 700 megs, and be done in about 700 seconds.   Not shabby at all.    A full DVD at 4.7 gigs would be under an hour (again copyright free of course )

After those speeds the connections start getting pretty pricey, often much more than people are willing to spend just to save a few minutes off an occasional transfer.

[Achronos]

Hey Yesh:

https://fiber.google.com/about/

/drools

[Tags:]

OrthodoxChristianity.net > Moderated Forums > Free-For-All > Non-Religious Topics (Moderator: Pravoslavbob) > Topic: Yahoo hacked, 450,000 passwords posted online