nuff said
Topic: Info about the recent attack - page 6. (Read 52589 times)
Can anyone tell me why sites/programs like LastPass.com/KeyPass/KeyPassX would be anymore secure than the a browser extension like PasswordHash (for Chrome and Firefox)
The principle of this browser extension is that at any site where you are asked to enter a password, the extension will enter a password that is sha256( + domain) (or any other cryptographic hash function). For example, if my chosen password is "masterpassword", the password that would be used to log into gmail.com would be sha256("masterpasswordgmail.com") (=9b2b649d3124c81093f9080a88b9d3723940dfe0707d8524d0403c9641bc99c3).
This is the principle. The output could of course be truncated since few sites allow passwords this long. But as far as I can see this achieves exactly the same as LastPass.com and KeyPass(X) with much less complexity. If an attacker compromises a database and - even if they are stored as clear text - gets your password (the sha256 hash), he has no use for it since he can't find your master password even knowing the domain that was used together with the master password to create the hash. This is basically using a SALT that is the domain name of the site you're visiting.
The principle of this browser extension is that at any site where you are asked to enter a password, the extension will enter a password that is sha256(
This is the principle. The output could of course be truncated since few sites allow passwords this long. But as far as I can see this achieves exactly the same as LastPass.com and KeyPass(X) with much less complexity. If an attacker compromises a database and - even if they are stored as clear text - gets your password (the sha256 hash), he has no use for it since he can't find your master password even knowing the domain that was used together with the master password to create the hash. This is basically using a SALT that is the domain name of the site you're visiting.
I cannot recall where I read it, but I think theymos (was it someone else?) mentioned that only a few bitcoin community members were contacted by email regarding volunteers for hosting the forum. Is it possible to shed some light on the people that were contacted so the community knows who were the only people that had opportunity to volunteer to host the forum?
Anyone willing to suggest who the people that were contacted are? Perhaps this is undesirable to publicate?
Found a follow up email after the initial request for volunteers: http://pastebin.com/48tPCHUP
Malmi Martti
Jeff Garzik
Mike Hearn
Bruce Wagner
Pieter Wuille
[email protected]
Marc Bevand
Matt Corallo
Jed McCaleb
Gavin Andresen
Nils Schneider
[email protected]
solar
Stefan Thomas
Also, included in original email (not shown in pastebin above):
[email protected]
[email protected] (slush)
I have no problem with bitcoin, it's the die hard libertarians that get me rollin. It's always great seeing them get screwed over by the same system they want to push on everyone else.
If it's great "seeing them get screwed" why do you interfere instead of just watching from the sideline?
Your interference, and the interference from the other goons makes me suspect that there's more to it than just "seeing die hard libertarians getting screwed over by the same system they want to push"...
DO NOT USE WEBSITES TO GENERATE YOUR PASSWORDS
There is a good chance that your new and shiny password is stored for later attacks!
Create 4 random passwords which contains no special characters and are 10 characters long:
Create 4 random passwords which DO contains special characters and are 12 characters long:
This is useful if you want passwords you don't need to remember. Obviously, few people are able to remember a password like "Qc{Jb>pK)|_m". If you want a password that's just as strong but easier to remember, use a dictionary with the shuf command, like this:There is a good chance that your new and shiny password is stored for later attacks!
Create 4 random passwords which contains no special characters and are 10 characters long:
Code:
cat /dev/urandom| tr -dc 'a-zA-Z0-9' | fold -w 10| head -n 4
Create 4 random passwords which DO contains special characters and are 12 characters long:
Code:
$ cat /dev/urandom| tr -dc 'a-zA-Z0-9-_!@#$%^&*()_+{}|:<>?='|fold -w 12| head -n 4| grep -i '[!@#$%^&*()_+{}|:<>?=]' Code:
shuf -n 6 --random-source=/dev/random /usr/share/dict/words
This will pick 6 random words (using /dev/urandom to create the random numbers) from the dictionary /usr/share/dict/words. /usr/share/dict/words on my machine contains about 98500 words. I have another dictionary that contains 74000 words (excluding words ending in "'s" from /usr/share/dict/words). Now let's say I create a password using 6 words from the latter dictionary (74000 words):
Code:
shuf -n 6 --random-source=/dev/random Desktop/simwords
scramblers
chiseled
therapeutic
adjuster
lamebrains
gibbeted
So the password is "ScramblersChiseledTherapeuticAdjusterLamebrainsGibbeted". The number of possible combinations are 74000^6=~10^29 which is the equivalent of a 15 character password consisting of upper/lowercase letters, numbers and special characters (like "&+-qnk_Wh<7TeNF").
Which one is the easiest to remember? They both have approximately the same entropy.
Anyone with a brain ignored you me a long time ago. Guess I you should too, after all I only came to this forum to troll.
FTFY
Now, STFU and GTFO!
You seem upset.
Upset?
You seem more upset than me, after all it's you who came here just to troll a forum about something you don't like... Is Bitcoin a threat to you in some way?
I have no problem with bitcoin, it's the die hard libertarians that get me rollin. It's always great seeing them get screwed over by the same system they want to push on everyone else.
Anyone with a brain ignored you me a long time ago. Guess I you should too, after all I only came to this forum to troll.
FTFY
Now, STFU and GTFO!
You seem upset.
Upset?
You seem more upset than me, after all it's you who came here just to troll a forum about something you don't like... Is Bitcoin a threat to you in some way?
Anyone with a brain ignored you me a long time ago. Guess I you should too, after all I only came to this forum to troll.
FTFY
Now, STFU and GTFO!
You seem upset.
Anyone with a brain ignored you me a long time ago. Guess I you should too, after all I only came to this forum to troll.
FTFY
Now, STFU and GTFO!
Anyone with a brain ignored you a long time ago. Guess I should too, but I wanna see if you make a car analogy next.
No, but y'see how it says "Gullible" on the ceiling? Right, and I just stole your wallet while you were staring at the ceiling, GJ on that too. If you can't elaborate on what you meant without resorting to dumbass candy analogies you should probably just stop. And how the passwords are hashed isn't exactly a secret only known to the top members of the cabinet.
GJ missing the point. Next please? Can I get someone with a functioning brain, please?Anyone with a brain ignored you a long time ago. Guess I should too, but I wanna see if you make a car analogy next.
If you can't elaborate on what you meant without resorting to dumbass candy analogies you should probably just stop. And how the passwords are hashed isn't exactly a secret only known to the top members of the cabinet.
GJ missing the point. Next please? Can I get someone with a functioning brain, please? Helped? No. Sparked the idea? That's my point. It's a psychological thing, not a technological thing. It's like the candy stands at the checkout... when you go through a grocery store, do you ever actually SEEK OUT the candy? Well, only if you've got candy issues But generally, no. You get to the checkout, and bam: candy. Mm... candy, that would be nice to have! I can afford it, whatever. *grab*
Now, the hack. Mm, I've done all my deeds for the day, Cosbycoin is floating all over the forum, screenshots are taken, lulz are collectively had, it's been a fun day. Ahh, it's offline. Ahh, it's back online. What'd that whiny brat admin say about us? ("checkout" phase) Ooh, what's this? Haha, that's stupid-easy to do. ("candy" phase) Sure enough, it works! Haha, suckers, now we have all their passwords too.
They may or may not have actually investigated the passwords, and even still there's a probability that they hadn't. But the probability pretty much exploded the moment some dingbat thought it would be smart to advertise how the passwords are hashed.
But generally, no. You get to the checkout, and bam: candy. Mm... candy, that would be nice to have! I can afford it, whatever. *grab*Now, the hack. Mm, I've done all my deeds for the day, Cosbycoin is floating all over the forum, screenshots are taken, lulz are collectively had, it's been a fun day. Ahh, it's offline. Ahh, it's back online. What'd that whiny brat admin say about us? ("checkout" phase) Ooh, what's this? Haha, that's stupid-easy to do. ("candy" phase) Sure enough, it works! Haha, suckers, now we have all their passwords too.
They may or may not have actually investigated the passwords, and even still there's a probability that they hadn't. But the probability pretty much exploded the moment some dingbat thought it would be smart to advertise how the passwords are hashed.
If you can't elaborate on what you meant without resorting to dumbass candy analogies you should probably just stop. And how the passwords are hashed isn't exactly a secret only known to the top members of the cabinet.
Helped? No. Sparked the idea? That's my point. It's a psychological thing, not a technological thing. It's like the candy stands at the checkout... when you go through a grocery store, do you ever actually SEEK OUT the candy? Well, only if you've got candy issues But generally, no. You get to the checkout, and bam: candy. Mm... candy, that would be nice to have! I can afford it, whatever. *grab*
Now, the hack. Mm, I've done all my deeds for the day, Cosbycoin is floating all over the forum, screenshots are taken, lulz are collectively had, it's been a fun day. Ahh, it's offline. Ahh, it's back online. What'd that whiny brat admin say about us? ("checkout" phase) Ooh, what's this? Haha, that's stupid-easy to do. ("candy" phase) Sure enough, it works! Haha, suckers, now we have all their passwords too.
They may or may not have actually investigated the passwords, and even still there's a probability that they hadn't. But the probability pretty much exploded the moment some dingbat thought it would be smart to advertise how the passwords are hashed.
But generally, no. You get to the checkout, and bam: candy. Mm... candy, that would be nice to have! I can afford it, whatever. *grab*Now, the hack. Mm, I've done all my deeds for the day, Cosbycoin is floating all over the forum, screenshots are taken, lulz are collectively had, it's been a fun day. Ahh, it's offline. Ahh, it's back online. What'd that whiny brat admin say about us? ("checkout" phase) Ooh, what's this? Haha, that's stupid-easy to do. ("candy" phase) Sure enough, it works! Haha, suckers, now we have all their passwords too.
They may or may not have actually investigated the passwords, and even still there's a probability that they hadn't. But the probability pretty much exploded the moment some dingbat thought it would be smart to advertise how the passwords are hashed.
So you think mentioning the SMF password hashing algorithm helped the attacker to crack the hashes? I don't think so. Actually just posting them on a site like hashkiller.com or insidepro.com would be enough to get a decent part of them cracked.
But hey I just gave out more sensitive data to the potential attacker. Damn
But hey I just gave out more sensitive data to the potential attacker. Damn
That's, again, the guard analogy. You could either have the security hole/method laid out right in front of you with reckless abandon, splayed out to everyone in a public message... and then the attacker is TOLD about the method/hole... or they could NOT be told, and at least have the *possibility* that the attacker was unaware of how "easy" it would be to break the hashes. Either way, they could just stake out the guard spot for a night and find out for themselves if they REALLY wanted to. Same as they could've just Googled it, had the information not been laid out right in front of 'em.
The point is, THERE WAS NO REASON TO WRITE THAT STATEMENT IN THIS MESSAGE. NOBODY NEEDED THAT KIND OF DETAIL.
It's irrelevant if the detail itself is important - I could say "Hi, my name is Bob", and that's more information than is needed; I could have accomplished the same thing with a simple "Hi!". It's volunteering unnecessary information that's the problem here. It's easily known that my name was Bob if they REALLY WANTED TO KNOW (e.g. "SMF is an opensource [sic] product"), and it's also irrelevant if that information would have been of any malicious use ("No, it did not"). It's just the fact that the information was not necessary to begin with, it shouldn't've been said.
The point is, THERE WAS NO REASON TO WRITE THAT STATEMENT IN THIS MESSAGE. NOBODY NEEDED THAT KIND OF DETAIL.
It's irrelevant if the detail itself is important - I could say "Hi, my name is Bob", and that's more information than is needed; I could have accomplished the same thing with a simple "Hi!". It's volunteering unnecessary information that's the problem here. It's easily known that my name was Bob if they REALLY WANTED TO KNOW (e.g. "SMF is an opensource [sic] product"), and it's also irrelevant if that information would have been of any malicious use ("No, it did not"). It's just the fact that the information was not necessary to begin with, it shouldn't've been said.
Quote
Well, basically, if the salt value is known, it's much easier to generate a table (we all know how quick THAT goes with Bitcoin mining - not necessarily a table, but a shitload of hashes), than it would be to try to brute-force the thing from scratch.
That's completely wrong.
Quote
It went from being "nearly impossible" to "just a minor inconvenience", by spewing out how to get the salt values for each password.
No, it did not.
Quote
All that, and it didn't even have to be said - simply, "change your passwords" and if so desired, "if it's less than x digits long" or whatever. It didn't need to be said how the salts work or what algorithm they were stored in - up to that point, they were still gibberish until someone decided to look up how SMF stores password hashes... *or* in the guard analogy, they just know there are guards there, until someone stands there all day and watches their behavior, OR until someone just blabs it out in a public announcement.
SMF is an opensource product and the way it hashes user password is well known.
I just don't understand why the forum needed to be moved to a new server if the fuckin exploit was on the forum script and not on the server, but i guess that's how shit is managed around here...
Sirius wanted to hand the hosting over to someone else.
Thread about emails discussing the change
Well, basically, if the salt value is known, it's much easier to generate a table (we all know how quick THAT goes with Bitcoin mining - not necessarily a table, but a shitload of hashes), than it would be to try to brute-force the thing from scratch. It went from being "nearly impossible" to "just a minor inconvenience", by spewing out how to get the salt values for each password. All that, and it didn't even have to be said - simply, "change your passwords" and if so desired, "if it's less than x digits long" or whatever. It didn't need to be said how the salts work or what algorithm they were stored in - up to that point, they were still gibberish until someone decided to look up how SMF stores password hashes... *or* in the guard analogy, they just know there are guards there, until someone stands there all day and watches their behavior, OR until someone just blabs it out in a public announcement.
Salting bascially changes the original value and the comparison value with a known figure so the hashes can't be referenced to a lookup table, and so they can't be broken without knowing the salt value. Oh wait, we know the salt value now. Haha, that was easy™.
Again, with the big exclamation of, "Everyone lock your doors, they might have gotten a copy of the KEY TO THE KINGDOM! *attachment: high-res picture of key to the kingdom.jpg*"
It doesn't really matter if you know the salt value. The salt doesn't have to be a secret; that's not the point of it. It's just so that a mapping of passwords to hashes can't be pre-computed ahead of time (which would then turn brute force attempts into a simple lookup). With a salt, you'd have to compute a table for each user separately, even if you know the salt for the each user, which is infeasible to do; and it's doubtful that any such tables already exist in the wild for any salted password on this forum, which, if you use a decently strong password, gives you ample time to go and change it wherever you used it before somebody cracks it.Again, with the big exclamation of, "Everyone lock your doors, they might have gotten a copy of the KEY TO THE KINGDOM! *attachment: high-res picture of key to the kingdom.jpg*"
That's because hash functions give very unpredictable result outputs by design. If you change even the slightest thing in the password it will hash to something completely different and unpredictable. And they are infeasible to reverse, so you can't just take the salt away from the hashed password after the fact. It's like trying to uncook a meal to get the raw ingredients back out again.
Jump to: