running Linux on odd devices is SOOO COOL!
Alex Dean
alex at crackpot.org
Sun Nov 15 10:56:18 MST 2009
On Nov 15, 2009, at 10:40 AM, Kurt Granroth wrote:
> I feel pretty safe with a protocol that would require long than the
> age
> of the universe to crack! I would NOT consider that broken :-)
I think this is a pretty sane approach to things. You have to think
about likely vs. unlikely, not possible vs. impossible.
The fact that any password can be guessed eventually isn't the point.
You just have to make it inconvenient enough for an attacker that they
give up and go somewhere else. Obviously that calculus is different
when the payoff for your cracking efforts is 'taking down a power
grid' or 'launching a missile', instead of 'free wireless access'. To
me, if its likely to take a cracker multiple years of concerted effort
to break my wireless network, that's plenty for me.
Kurt : Is that "28 trillion hours" figure you cited the estimated time
to try *all* 12 character passwords? If so, I think that's not the
right metric. The search for a password stops once you've found the
correct one, and you'd only try them all if the correct password is
the very last one you tried. It'd be helpful to know something like
"I'm able to attempt 95% of all 12 character passwords after 28
trillion hours". If the password is truly a random string of junk,
it's perfectly possible (just phenomenally unlikely) that you'll guess
it on the 1st try.
Thanks for an interesting discussion.
alex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20091115/1e1c9614/attachment.pgp
More information about the PLUG-discuss
mailing list