This is Tet Yoon Lee's Typepad Profile.
Join Typepad and start following Tet Yoon Lee's activity
Join Now!
Already a member? Sign In
Tet Yoon Lee
Recent Activity
See also http://news.ycombinator.com/item?id=2891654 Note that I'm not disagreeing with the basic premise, that with GPUs certain hashes can be calculated very fast so a salt is far from sufficient with out a fairly long password and a better hash function, simply pointing out from what I can tell, rainbow tables are still useful and still being used.
Toggle Commented Jun 28, 2012 on Speed Hashing at Coding Horror
Is the claim no one bothers with rainbow tables any more really accurate though? I note someone in reply to Anthony Ferrara's blog claimed that rainbow tables still have their uses. I'm not involved in the field, but it strikes me too as probably wrong. Storage space isn't exactly expensive. Even with the recent spikes due to the Thailand floods, you can still have 8TB for less then US$500 or about the price of a high end GPU. This is more then enough to store all current MD5 tables from the distributed rainbow tables effort http://www.freerainbowtables.com/en/tables2/ with room for expansion either of your own work or future stuff from the distributed work. How much time will this save you? I don't actually know although my impression is it will often be faster then computing the stuff again. (Many of the tables apparently require GPU for use http://www.freerainbowtables.com/phpBB3/viewtopic.php?f=2&t=3255 .) I'm not sure it's really a matter of just hoping your victim didn't use a salt. If you've targeting a specific victim or perhaps a few where security is paramount perhaps it's forlorn. But if you're say. a spammer breaking in to sites to try and steal their passwords hoping they were used for Facebook, twitter or email accounts you can then use for spamming, the recent high profile anonymous and LulzSec breaches have shown theres a fair chance you will have success many times since so many sites still don't bother to salt. Given the price of storage space, you probably only have to use your rainbow table a few times to make up for the cost. In other words, it's a numbers game and the evidence suggests to me rainbow tables will often still be a winner in some fashion.
Toggle Commented Jun 28, 2012 on Speed Hashing at Coding Horror
Jeff Atwood is quite right you shouldn't play chicken with your data. That's what BACKUPS are for. It's far smarter to have your HDDs at 45 degrees C and regularly backup then it is to have your HDD at 20 degrees C and never or rarely backup. Particularly if your data is your professional work. In other words, the most important thing you should do is to keep backups of important data NOT to monitor HDDs temperatures. Incidentally, anecdotal claims like 'My HDD died at it was 50 degrees C' or even 'I've usually kept my HDDs at 30 degrees C but this one case I let it reach 50 degrees C and it died' are basically useless in determing quantitative failure statistics like Google provided. P.S. And no, RAID isn't a backup. If you think it is, you probably shouldn't be working professionally in the computing field.
Toggle Commented Jul 18, 2011 on Hard Drive Temperatures: Be Afraid at Coding Horror
Tet Yoon Lee is now following The Typepad Team
Jul 17, 2011