BOINC! ET knows your pin-code!

I’m what you can call a skeptic when it comes to the search for extra-terrestrial intelligence, but an open-minded one at that. I only recently installed the new BOINC Manager, made by the Berkeley staff, the new client that allows you to donate your computer’s spare time (the time that it would otherwise be running a screen saver).

The SETI project, as it is called, receives a large amount of data from space and splits this data into tiny packages that are sent out to believers and “donors” for analysis. Hundreds of thousands, maybe even millions of computers are donating a tiny bit of their time, and together they form a supercomputer with insane number crunching powers! Number crunching! Where’s that useful…
Have you ever heard of rainbow tables? No? Guess what, you’re in for the surprise of your life. First follow the link on the rainbow tables to get an idea of what they are, then think about the SETI project. Imagine that type of number crunching power, used to un-hash every possible combination of codes that you could ever dream up from a common function, such as MD5. That would mean that if I got hold of your credit card, and knew what type of algorithm your bank uses to encode your pin-code, I could suddenly just read the card’s hash code and look it up in my rainbow table!

Good thing I don’t have the computing power to calculate that table, right? It would literally take thousands of computers like my laptop to perform the calculations within my lifetime.. hmm.. oh, hang on.. what’s this?? Follow this link here, people. I rest my case.

The tables are huge in size: around 450 GB for a single table is quite a bit of data, or at least, it used to be only 4 years ago. Today, 450 GB costs “nothing”. Terabyte storage capacity is just around the corner for you and me. I can buy a 750 GB hard drive today, if I wanted to, and there is nobody to stop me from doing it. With distributed download, I can easily and successfully download that mother of all tables within a week or so, and I am then ready to be a pirate. All thanks to BOINC.
Bergfrid knows that her credit cards were hacked; she wasn’t phished or phracked as the bank claims. Her cards were stolen, her credit card was read in a pocket reader, and then someone did a table lookup to get the pin codes that correspond to the hash there.

Any person with just the very basic piece of knowledge about software development can tell you that MD5 is no longer secure once an attacker is given the ability to just look up the hash in a table. He no longer needs to “guess” the proper hash; he can just look it up.

Banks around the world – wake up. BOINC made it possible for hackers to unite their computing power and to perform calculations that will thwart the security of VISA cards. I want my 8-digit pin code NOW!
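
As an added example (not part of the original post), the sketch below assumes, as the post does, that a PIN is stored as an unsalted MD5 hash. It shows why one precomputed table then answers for every card, how a per-card salt removes that shortcut, and how much an 8-digit PIN enlarges the search space; all function names are hypothetical.

```python
import hashlib
import hmac
import os

def md5_pin(pin: str) -> str:
    # Unsalted MD5 of the PIN: the storage scheme the post assumes
    # (an assumption for illustration, not a documented card format).
    return hashlib.md5(pin.encode()).hexdigest()

def build_table(digits: int) -> dict:
    # Digest -> PIN for every PIN of this length. Computed once, the
    # same table answers lookups for any card using the unsalted scheme.
    pins = (f"{n:0{digits}d}" for n in range(10 ** digits))
    return {md5_pin(p): p for p in pins}

def salted_pin(pin: str, salt: bytes, iterations: int = 10_000) -> bytes:
    # PBKDF2-HMAC-SHA256 with a per-card random salt: identical PINs no
    # longer share a digest, so a table built in advance matches nothing.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)

def verify_salted(pin: str, salt: bytes, stored: bytes) -> bool:
    # Constant-time comparison of the recomputed value with the stored one.
    return hmac.compare_digest(salted_pin(pin, salt), stored)

def keyspace(digits: int) -> int:
    # Number of candidate PINs. A salt does not enlarge this; only a
    # longer PIN, a secret key or an attempt limit raises guessing cost.
    return 10 ** digits

if __name__ == "__main__":
    table = build_table(4)
    pin = "0420"  # constructed sample PIN
    print("unsalted lookup:", table[md5_pin(pin)])
    card_a, card_b = os.urandom(16), os.urandom(16)
    print("same PIN, same stored value?",
          salted_pin(pin, card_a) == salted_pin(pin, card_b))
    print("verify:", verify_salted(pin, card_a, salted_pin(pin, card_a)))
    print("8-digit vs 4-digit keyspace:", keyspace(8) // keyspace(4))
```
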
