The U.S. Customs Enforcement Cyber Crimes Center (C3), a division of U.S. Immigration and Customs Enforcement (ICE), is now utilizing Sony PlayStation 3 consoles to crack the encrypted passwords of child pornographers.
The $300 PS3 units are around $8,000 less expensive than the PCs previously used, though the agency must use the original PlayStation 3 systems, as the new PS3 slim does not allow for the installation or use of the Linux operating system which C3 apparently uses as a basis for its cracking methods.
Fourth Amendment protection means that suspected pedophiles do not need to turn over the password for their computer. Networked PS3s can process 4.0 million passwords a second, reducing the amount of time needed to discover the correct sequence. A six digit password has 281,474,976,710,656 total possibilities.
Senior Special Agent Claude Davenport noted that there is no need to worry about government employees playing games on the consoles, “There's no controllers hooked up.”
ICE currently owns 20 PS3s and is looking to add up to 40 more.
|Via Kotaku|
Comments
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
What the hell is a "suspected pedophile"? Is that like "you might be gay because you like fashion"?
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
You have to call them "suspected" until they're convicted in a court of law, otherwise you face possible libel and/or slander charges. Watch any news network discuss a criminal act, they do it all the time ("the alleged Fort Worth shooter", etc).
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I never knew that PS3 was able to do such a thing.
Like I am sure that Windows 7 software is MORE powerful than a PS3.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
It's not so much the software as it is the hardware that determines a computer's capabilities. I could install Windows 7 on my computer (manufactured in 2004) and it wouldn't hold a candle to a brand new computer with XP on it.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Unless you're talking about 32 bit XP then it would only utilize the first 2 gigs of ram that pc has....
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
well i can see the sony fanboys trying to use this as saying the ps3 is better than a PC.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Heh, it's certainly evidence that they are cheaper ;)
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
So my math tells me that there are 256 possible choices for each character (original number to the power of 1/6). So let's see assuming it's case sensitive
52- Letters
20-Numbers (+ shift values)
22-other characters on the key board
1-space bar
equals 95, so where do the other 161 come from or is just some trick with binary?
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Extended ASCII table http://www.ascii-code.com/
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
"After securing a warrant, agents can seize and search a suspect's computer, but the Fourth Amendment prevents authorities from forcing suspects to surrender their passwords, Davenport said."
Does anyone know where this was decided? It seems so inconsistent and stupid (this coming form a libertarian), like if you were given a warrant to search a house, and you find a locked drawer but you're not allowed to make the suspect hand over the key.
Oh and
"Senior Special Agent Claude Davenport noted that there is no need to worry about government employees playing games on the consoles, “There's no controllers hooked up.”"
Upon further investigation one agent realized that project Natal would not be ported to the PS3 and the project was abandoned.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I seem to recall a case where a young man was caught at an airport with child pornography on his Laptop, but he managed to power-down the laptop which required a password to restart, I'm pretty sure GP covered it.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
A search for password didn't find it on GP.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/15/AR200801...
Can't find it here either, but here's a link to the Washington Post article.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Darn, no 360 vs. PS3 flame war?
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
A 360 would melt if you tried to use one for this
is that enough flamebait for you?
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Not for me it is. I'd rather see a flame war in which John Keefer represents the 360 and DarkSaber represents the PS3. That's my idea of a good flame war.
"Laaaadies and gentlemen, let's get ready to rummmmmmble!!"
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Yeah, I am less worried about them playing video games on them, and more worried about them using this to get passwords to users accounts other than pedos. There just can't be that many pedos in the world to rationalize doing this. At least I wouldn't think so...
Either way, I see them turning this onto their own people before foreign threats.
Nido Web Flash Tutorials AS2 and AS3 Tutorials for anyone interested.
How to set Xbox 360 Parental Controls
How to set Xbox 360 Parental Controls
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
It should be noted that a US federal judge has ruled that passwords are NOT covered under the 5th ammendment.
This is still in flux at least, but for the moment there is no such consitutional protection.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Although if it still violates the 4th to demand a password the ruling doesn't help much.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
The Fourth doesn't prohibit the state asking for consentually given information. No more than it would prohibit a cop asking you to open your trunk so he can search inside. What is does prohibit is the cop from searching your trunk if you refuse to give consent and he doesn't have either a warrant or probable cause.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Such a ruling. if one existed, would hardly be surprising given that the the Fifth Amendment addresses the unrelated issues of grand jury indictments, double jeopardy, forcing the accused to testify as a witness in their own criminal trial, due process, and eminent domain.
I suspect you meant to refer to the Fourth Amendment, which addresses unlawful search and seizure and the need for a warrant.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Nope, I was referring to the 5th amendment, specifically the right to not self incriminate. The ruling basically said that being forced to divulge your password does not count as self incrimination and thus if you continue to refuse that becomes a crime unto itself.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
If given a choice between snitching on myself to a possible child pornography charge and taking the rap on an obstruction of justice charge, I'll take the latter.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
The tricky part is, trials over kiddy porn have notoriously low standards of proof since juries are easily shocked by even the accusation.
So one has to balance if withholding the password is likely to result in the dropping or the original charges or if it will make your sentance even longer. Juries often see kiddy porn as SO horrible that the risk of sending an innocent person to jail is less a worry then letting a guilty one go. Combine that with 'why would the person refuse if they were innocent?' and refusal is unlikly to help any.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
What I'm not seeing is why law enforcement would be forced to ask anyone facing trial on child pornography charges to disclose their computer password. I'd imagine that upon arrest, there's more than enough probable cause for a search warrant and that your computer would already be in the hands of law enforcement and being turn inside out and upside down long before the case came to trial. Once they've got your computer, do they need to get a password from you? They'd just whip out their trusty PS3 and get to cracking the password. At that point, they ain't gots to ask you for shit. They're taking it.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Cracking passwords is a bit of a crapshoot. It generally only works if they picked a weak password or a bad algorithm. If you do not have either of those, no amount of computing power you can reasonably bring to bear will be enough.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Well if they asked for the password it would take less time than to process it.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
But if the answer they get the first time they ask is "No," then time spent asking again could be time better spent processing.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
But what if the password is "No"?
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Combine this with the fact that we probably shouldn't be giving legal advice
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I think you fools mean GNU/Linux.
Linux is not an operating system. That just refers to the kernal.
Dur
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Nobody cares about linux. Except you it seems.
--------------------------------------------------
I LIKE the fence. I get 2 groups to laugh at then.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
It goes some way towards explaining where the stereotype of Linux users comes from though, doesn't it?
Feel-good Technology
It does 4 million passwords per second for what kind of encryption technology? Cracking a ZIP file password is much cheaper than cracking a RAR password, for instance, such that it becomes extremely impractical to crack RAR passwords past relatively short lengths. I've read that even a six character RAR password would be too long to crack reliably by brute force, which leads me to think this is little more than feel-good technology that at best will catch only the stupidest of criminals.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
So it takes about 814 days to find a 6 digit password for sure.
Good to know that I'll be dead for a long time when they find out my password. And If I add two TrueCrypt Keyfiles they'll need several generations.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Show your math for the last paragraph if you don't mind.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Isn't it obvious?
281,474,976,710,656 possible passwords / 4,000,000 passwords per second = 70368744, the number of seconds to cover the entire password space.
70368744 / 60 = 1172812, the number of minutes.
1172812 / 60 = 19547, the number of hours.
19546 / 24 = 814, the number of days.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I'm just wondering , Are they using a single console or they have severral PS3s clustered. They do not state that the 4 million passwords per second claim is per console or anything like that.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
They have them clustered: "The networked Playstation 3s can process 4 million passwords per second, cutting down on the time necessary to find the correct combination."
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
That's why I said for the last paragrpagh the one where he talks about being dead and taking several generations.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Assuming the cracking software is trying each of the 256 possible values for each character in the password (such that 256^6 = 281,474,976,710,656 for 6 characters, as in the original example), a 7 character password would yield 256^7 = 72,057,594,037,927,936 possible combinations, which translates to approximately 571 years at the stated speed of 4,000,000 tests per second.
And that's for just one guy's password.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
And of course there's no way to tell the correct length of the password in advance.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
And that is also you working with one machine instead of say 6-8 hooked up together.
It is also you giving the longest possible time alloted for each device which is also rather silly.
It isn't the best, but it is as effective as their old system and it is extremely cheap by comparison. Let's say they have their set-up the same as the one they do with the PS3, 6-8 $8,000 computers would be $48,000 - $84,000 vs. $1,800 - $2,400 for just one station. I doubt there is just one station out there, but let's be major conservative and say it takes the place of 10 stations instead of opting for the computer based stations. That is a saving of $462,000 - $816,000 tax payer dollars.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
"And that is also you working with one machine instead of say 6-8 hooked up together."
Wrong. The stated figure of 4,000,000 passwords per second is for the whole cluster of 20 PS3s.
"It is also you giving the longest possible time alloted for each device which is also rather silly."
In theory you could crack a password of arbitrary length on your very first attempt, but that's not so likely to happen. Think of it as improving your chances after every failed test: For a 7 character password, you'd have a 100% chance of cracking it sooner than 571 years, a 75% chance of cracking it sooner than 428 years, a 50% chance of cracking it within 286 years, a 25% chance of cracking it within 143 years, a 10% chance of cracking it within 57 years, and a 1% chance of cracking it within 6 years. As you can see, cracking even a single 7-character password in a reasonable amount of time is a bit like winning the lottery.
Like I said, it's little more than feel-good technology. I suppose doing something -- anything, however worthless -- makes people feel like the government is doing something useful with their money.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
Oh ok, so for a practical standpoint we'd be better just trying to reverse the supreme court decision then waiting for the computing power to catch up.
Hell you'd think the government would have super computers, they helped create the internet for crying out loud.
Let me try the math, my password for my computer is 12 characters long, we'll give them some benefit and limit them to lower case letters and numbers.
So 36^12= 4,738,381,338,321,616,896
/(4,000,000*60*60*24*365) equals 37,563 years at most.
...
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I wonder if this violates the 6th amendment right to a speedy trial, or does taking forever to set a trial date (without any help from lawyers) not qualify?
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
This is of course assuming that they need to go through every password iteration each time they crack any password. Assuming their approach never differs, then there'd only ever be one password that would take the full allotment of time to crack; wouldn't the average time to crack be half that value? (Since the first possible password would be cracked in effectively '0' time, and each consecutive password taking a a step more time toward the maximum time?)
For what I presume is brute force, cracking a password every 407 days doesn't seem that bad; and if they add more machines to their bank is it equally, more or less efficient? If they double their machines, will they be cracking 8mil/second, more or less? If their prosped trippling of their console bank improves their maximum time to 271 days for a maxmimum crack time, I'd say that's pretty good.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
They said cheaper, not more efficient in cracking codes. Baby steps, dude, baby steps.
Re: PS3s Replace Costly PCs to Crack Pedo Passwords
I can't wait until somebody hooks them up to the internet, an update downloads, and their machines go cactus.