Amazines Free Article Archive - Tuesday, January 26, 2021
Read about the most recent changes and happenings at
Log into your account or register as a new author. Start submitting your articles right now!
Search our database for articles.
Subscribe to receive articles emailed straight to your email account. You may choose multiple categories.
View our newest articles submitted by our authors.
View our most top rated articles rated by our visitors.
* Please note that this is NOT the ARTICLE manager
Add a new EZINE, or manage your EZINE submission.
Add fresh, free web content to your site such as newest articles, web tools, and quotes with a single piece of code!
Home What's New? Submit/Manage Articles Latest Posts Top Rated Article Search
Subscriptions Manage Ezines
 Article Archive
 Advertising (133449)
 Advice (161200)
 Affiliate Programs (34763)
 Art and Culture (73756)
 Automotive (145650)
 Blogs (75262)
 Boating (9849)
 Books (17222)
 Buddhism (4128)
 Business (1329065)
 Business News (426395)
 Business Opportunities (366372)
 Camping (10967)
 Career (72763)
 Christianity (15849)
 Collecting (11638)
 Communication (115070)
 Computers (241938)
 Construction (38917)
 Consumer (49685)
 Cooking (17074)
 Copywriting (6665)
 Crafts (18205)
 Cuisine (7545)
 Current Affairs (20420)
 Dating (45891)
 EBooks (19696)
 E-Commerce (48225)
 Education (185320)
 Electronics (83503)
 Email (6408)
 Entertainment (159839)
 Environment (28921)
 Ezine (3039)
 Ezine Publishing (5452)
 Ezine Sites (1550)
 Family & Parenting (110930)
 Fashion & Cosmetics (196458)
 Female Entrepreneurs (11848)
 Feng Shui (131)
 Finance & Investment (310504)
 Fitness (106339)
 Food & Beverages (62929)
 Free Web Resources (7940)
 Gambling (30223)
 Gardening (25155)
 Government (10541)
 Health (629662)
 Hinduism (2206)
 Hobbies (44057)
 Home Business (91586)
 Home Improvement (251098)
 Home Repair (46178)
 Humor (4833)
 Import - Export (5453)
 Insurance (45098)
 Interior Design (29586)
 International Property (3485)
 Internet (191003)
 Internet Marketing (146522)
 Investment (22852)
 Islam (1170)
 Judaism (1356)
 Law (80435)
 Link Popularity (4595)
 Manufacturing (20872)
 Marketing (99047)
 MLM (14136)
 Motivation (18225)
 Music (27013)
 New to the Internet (9496)
 Non-Profit Organizations (4048)
 Online Shopping (129632)
 Organizing (7805)
 Party Ideas (11853)
 Pets (38066)
 Poetry (2234)
 Press Release (12684)
 Public Speaking (5635)
 Publishing (7528)
 Quotes (2407)
 Real Estate (126634)
 Recreation & Leisure (95407)
 Relationships (87681)
 Research (16176)
 Sales (80337)
 Science & Technology (110269)
 Search Engines (23488)
 Self Improvement (153238)
 Seniors (6233)
 Sexuality (35950)
 Small Business (49283)
 Software (83016)
 Spiritual (23471)
 Sports (116098)
 Tax (7659)
 Telecommuting (34067)
 Travel & Tourism (307897)
 UK Property Investment (3121)
 Video Games (13428)
 Web Traffic (11749)
 Website Design (56839)
 Website Promotion (36601)
 World News (1000+)
 Writing (35791)
Author Spotlight

I'm Ellisen, nice to meet you! Obviously you're here because you want to know who I am. Wel...more

Im just a man who likes to be happy and see others happy. Im into home business, sports, family, and...more

Columbia Weather Systems manufactures professional weather stations for industry and government agen...more

Oleg has been providing SEO, Copywriting and Content Management services for 10+ years. For the last...more

An Internet Marketer Promoting Quality Products. ...more

Linkedin's password breach and official response dissected - China High Bay Light Fixtures by icdenta icdenta

Article Author Biography
Linkedin's password breach and official response dissected - China High Bay Light Fixtures by
Article Posted: 01/01/2013
Article Views: 47
Articles Written: 1096
Word Count: 1030
Article Votes: 0
AddThis Social Bookmark Button

Linkedin's password breach and official response dissected - China High Bay Light Fixtures

Business,Business News,Business Opportunities
We dive into the LinkedIn password breach and how the informationmay be cracked. Following the leak of 6.5 million LinkedIn passwords , many made a mad dash to change their passwords, and now thatthings have finally started to settle, the company has posted an official response on the matter . The second paragraph by Vicente Silveira, Director of LinkedIn,states, "First, it's important to know that compromised passwordswere not published with corresponding e-mail logins. At the timethey were initially published, the vast majority of those passwordsremained hashed, i.e., encoded, but unfortunately a subset of thepasswords was decoded. Again, we are not aware of any memberinformation being published at any time in connection with the listof stolen passwords.

The only information published was thepasswords themselves." So maybe things aren't that bad? The answerdepends and requires more dissection. The last portion of the email talks about how LinkedIn is in theprocess of transitioning "from a password database system thathashed passwords, i.e. provided one layer of encoding, to a systemthat both hashed and salted the passwords." Say what? In other words, these passwords were merely protected with a singleSHA-1 hash, which amounts to a part time mall cop as opposed to anarmed escort. For those not in the know, hashing in its purest formis simply a way to a convert several data sets of varying lengthinto a smaller set of fixed length.

Think of it kind of like aone-way decoder ring. That's the extent of what LinkedIn did tosecure passwords. As we explored with WPA, salting (which is part of LinkedIn's newprotocol) is the more serious stuff that requires serious hardwareto crack. I played with the leaked password file about two days ago, and Ithink the forum post by John Graham-Cumming largely sums up my own observations.

In the password file, thereare roughly 3.5 million passwords that begin with 00000. Theseentries appear to be hashes that are already comprised and broken.The others not denoted by zeros at the beginning number another 3million or so, and these appear to be unbroken. These unbroken passwords aren't necessarily safe. In fact, I'vecracked many of them on my own. The problem is LinkedIn only used asingle SHA-1 conversion.

This makes it child's play for anyone witha fast graphics card and some GPGPU-optimized software. On these matters, Ivan Golubev 's my favorite guy to talk to. His cryptography work with GPGPU isamazing. Using his ihashgpu app, a single 6990 is capable of processing ~2.6 billion single SHA-1hashes per second.

Now consider the following: English language has ~300k words Conversation English has somewhere between 15k and 20k words. The search space with brute-force cracking is n^(length ofpassword), where n is the number of elements to choose from. If the password only contains words and numbers, I can searchthrough all two and three word/number combos in matter of minutes,and I can process the entire 3 million chuck of unbroken passwordson my coffee break. If the password is sufficiently random, it's much harder to break.Assuming we're dealing with alphanumeric and say 50 percent searchtime (passwords are usually discovered in the middle of a randomsearch, such as finding 500 starting from 000 and 999), it wouldtake me about half a day to break a single hashed password using a6990. The caveat is that we've capped password length to 8characters.

With ~3 million entries, this speed isn't practical.Bring it down to 7 characters max, and now we can process eachentry in around 15 minutes. The total search time for all ~3million entries is now 85 years. Give a team of hackers someCrossfire 6990 configs, and that time drops down to 5 years. At the end of the day, the LinkedIn's breach is serious, but thesignificance to your personal security is hard to estimate.LinkedIn's blog post is careful to point out email logins weren't published by hackers, but this doesn't exclude them from having this information. LinkedIn hasn't explicitly stated whether emaillogins were part of the original breach.

Hackers could have justchosen to publish the password hashes only. If email logins were part of the breach, I'd consider everyword-based password to be toast. Though, not everyone may be atrisk. LinkedIn claims a user base of ~160 million. The publishedfile contains no duplicates, which means we're dealing with ~6.5million unique passwords.

Given the amount of password reuse andpoor password choices (i.e. passwordpassword or LinkedIn), it's notimprobable every single password was leaked. However, severalpeople converted their password to an SHA-1 hash and told me their password was not on the list. For those who use random passwords, if it happens to be under 7characters in length, I'd say you're at risk and need to changeyour password. Other sites were also reportedly breached (i.e.eHarmony) in what might be related attacks, which is why thoseprofiles too should be updated.

If you fall into this camp, we havea recommendation. While more secure, there's no question that long random passwordsare hard to remember. Words-based passwords, though easy to recall,are also very easy to break. There is a way to bridge the gap andget the best of both words. Use a mnemonic.

Flip open a book, takean uncommon sentence, and use the first character (or second...) ofeach word. Then, add a number at the end. Thus, "To grunt and sweatunder a weary life" from Shakespeare's To Be Or Not To Be , becomes "tgasuawl9." This strategy has long been used by securityexperts for their own passwords, as it's easy to remember andconfounds brute-force cracking. Make sure the phrase is longer than8 words, and you should be good to go. Update: Check To See If Your Password Has Been Compromised Users at risk have been notified, but it's very likely the hackershave more passwords.

If you don't want the websites contacting youfor notification of a breach, you can check if your LinkedIn oreHarmony passwords have been compromised via LastPass: LinkedIn: eHarmony:

The e-commerce company in China offers quality products such as China High Bay Light Fixtures , China T5 Fluorescent Tubes, and more. For more , please visit Led Spot Lighting Fixtures today!

Related Articles - China High Bay Light Fixtures, China T5 Fluorescent Tubes,

Email this Article to a Friend!

Receive Articles like this one direct to your email box!
Subscribe for free today!

 Rate This Article  
Completely useless, should be removed from directory.
Minimal useful information.
Decent and informative.
Great article, very informative and helpful.
A 'Must Read'.


Do you Agree or Disagree? Have a Comment? POST IT!

 Reader Opinions 
Submit your comments and they will be posted here.
Make this comment or to the Author only:
*Your email will NOT be posted. This is for administrative purposes only.
Comments: *Your Comments WILL be posted to the AUTHOR ONLY if you select PRIVATE and to this PUBLIC PAGE if you select PUBLIC, so write accordingly.
Please enter the code in the image:

 Author Login 
Register for Author Account


Advertiser Login


   Limited Time $60 Offer!
   90  Days-1.5 Million Views  


Great Paranormal Romance


I am not a writer nor am I trying to become a writer. I am an average person with average intelligen...more

hello everyone l been on the net since 2000 and enjoy my work l work as an affiliate and also have w...more

Stevert Mckenzie, Travel Enthusiast. ...more

At LeadGenerators, we specialise in content-led Online Marketing Strategies for our clients in the t...more

Linda DeCann is US based pursuing her career as brand ambassador. Previously she has helped hundreds...more

Author of four books and two screenplays; frequent magazine contributor. I have four other books "in...more

I am an International Corporate Consultant specialising in the bespoke formation of offshore compani...more

Steve Bye is currently a fiction writer, who published his first novel, ‘Looking Forward Through The...more

Demonstrated exceptional leadership in the government and private sector at an executive level. Skil...more

My name is Rene I am a Las Vegas nightlife blogger and long time socialite. I currently write for bo...more

HomeLinksAbout UsContact UsTerms of UsePrivacy PolicyFAQResources
Copyright © 2021, All rights reserved.
Some pages may contain portions of text relating to certain topics obtained from under the GNU FDL license