Submitted via IRC for Bytram
Father of Unix Ken Thompson checkmated as his old password has finally been cracked
Back in 2014, developer Leah Neukirchen found an /etc/passwd file among a file dump from the BSD 3 source tree that included the passwords used by various computer science pioneers, including Dennis Ritchie, Ken Thompson, Brian Kernighan, Steve Bourne, and Bill Joy.
As she explained in a blog post on Wednesday, she decided at the time to try cracking the password hashes, created using DES-based crypt(3), using various cracking tools like John the Ripper and hashcat.
When the subject surfaced on the Unix Heritage Society mailing list last week, Neukirchen responded with 20 cracked passwords from the file that's she'd broken five years ago. Five hashed passwords, however, remained elusive, including Thompson's.
ZghOT0eRm4U9s
"Even an exhaustive search over all lower-case letters and digits took several days (back in 2014) and yielded no result," wrote Neukirchen, who wondered whether Thompson might somehow have used uppercase or special characters.
The mailing list participants, intrigued by the challenge, set to work on the holdouts. The breakthrough came on Wednesday, from Nigel Williams, a HPC systems administrator based in Hobart, Tasmania.
"Ken is done," he wrote in a post to the mailing list. The cracking effort took more than four days on an AMD Radeon RX Vega 64 running hashcat at a rate of about 930MH/s.
ZghOT0eRm4U9s is a hash of p/q2-q4!
It's a common chess opening in descriptive notation. As Neukirchen observed, Thompson contributed to the development of computer chess.
(Score: 2) by DannyB on Thursday October 10 2019, @03:58PM (4 children)
+1 Informative, while I still have mod points to give
There are more techniques. Have a Tiny C compiler implemented in some other language perhaps. (Not BASIC) Maybe on a different system than the target system.
Other thoughts:
What about a translator that takes a C source program, and translates or obfuscates or pessimizes it into a different but functionally identical C program. The obvious first step is randomizing all identifier names (variables, functions, etc). This would still compile to same object code. But also re-arrange procedure order, especially at link time. Add random pessimizations (a "pessimizing" compiler instead of an "optimizing" compiler -- it generates code far worse than the obvious translation but the output is still C source code, and functionally equivalent). Maybe I don't care that the first run of TinyCC is very slow (pessimized).
Ultimately, how do you defeat: Intel Management Engine!
The hardware is subverted. From the factory.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 0) by Anonymous Coward on Thursday October 10 2019, @04:17PM (2 children)
https://www.homebrewcpu.com/photo_gallery.htm [homebrewcpu.com]
https://www.youtube.com/watch?v=Uvvsaj7BBzo [youtube.com]
(Score: 2) by FatPhil on Thursday October 10 2019, @04:40PM (1 child)
I laugh, but this is a heroic bit of nerdy masochism - I approve.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by DannyB on Thursday October 10 2019, @05:50PM
> this is a heroic bit of nerdy masochism
But you don't approve of Java?
🤭
I assume you saw my link a couple days ago [soylentnews.org] to the Java Hello World Enterprise Edition.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Interesting) by FatPhil on Thursday October 10 2019, @04:33PM
Someone needs to build such a compiler, so that we can try to break it! (And thus make version N+1 stronger!)
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves