![](\"http:\/\/cyber.law.harvard.edu\/blogs\/static\/dowbrigade\/ctv1.gif\")
A trio of entrepreneurial hackers hope
\n to do for the business of password cracking what Google did for search
\n and, in the process, may remove the last vestiges of security from many
\n password systems.<\/p>\n
Over the past two years, three security enthusiasts from the United States
\n and Europe set a host of computers to the task of creating eleven enormous
\n tables of data that can be used to look up common passwords. <\/p>\n
The tables
\n – totaling 500GB – form the core data of a technique known as rainbow
\n cracking, which uses vast dictionaries of data to let anyone reverse
\n the process
\n of creating hashes – the statistically unique codes that, among other
\n duties, are used to obfuscate a user’s password.Last week, the trio went
\n public
\n with their service. Called RainbowCrack Online, the site allows anyone
\n to pay a subscription fee and submit password hashes for cracking.<\/p>\n
This is no different that making skeleton keys or from the <\/p>\n<\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" A trio of entrepreneurial hackers hope to do for the business of password cracking what Google did for search and, in the process, may remove the last vestiges of security from many password systems. Over the past two years, three … Continue reading
\n selling kits that allow folks to pirate cable signals. People
\n who care about or need secure systems will start using passwords that
\n rainbow tables
\n can’t crack. However, trying to pass themselves off as a legitimate
\n business and selling cracks from their web site, lacking a number of
\n legitimate customers, smacks us as about as smart as selling the other
\n kind of crack.<\/em><\/p>\n
\n Register<\/a><\/p>\n