PS3s Replace Costly PCs to Crack Pedo Passwords
PS3s Replace Costly PCs to Crack Pedo Passwords
November 16, 2009
The U.S. Customs Enforcement Cyber Crimes Center (C3), a division of U.S. Immigration and Customs Enforcement (ICE), is now utilizing Sony PlayStation 3 consoles to crack the encrypted passwords of child pornographers.
The $300 PS3 units are around $8,000 less expensive than the PCs previously used, though the agency must use the original PlayStation 3 systems, as the new PS3 slim does not allow for the installation or use of the Linux operating system which C3 apparently uses as a basis for its cracking methods.
Fourth Amendment protection means that suspected pedophiles do not need to turn over the password for their computer. Networked PS3s can process 4.0 million passwords a second, reducing the amount of time needed to discover the correct sequence. A six digit password has 281,474,976,710,656 total possibilities.
Senior Special Agent Claude Davenport noted that there is no need to worry about government employees playing games on the consoles, “There's no controllers hooked up.”
ICE currently owns 20 PS3s and is looking to add up to 40 more.
|Via Kotaku|
A PUBLICATION OF THE ECA
SUBSCRIBE
LOGIN / REGISTER
Crispy Gamer
GamePolitics ShoutBox
Posted 07/30/10 at 10:25am
ZippyDSMlee: No lan too but that will be hack in, with 2X maps its as big as SC,so....want more now ;P
ZippyDSMlee: No lan too but that will be hack in, with 2X maps its as big as SC,so....want more now ;P
Posted 07/30/10 at 10:19am
Rodrigo Ybáñez García: @Cheater: Thank you, I´ll try it later. It happened after I installed the new upgrade, btw
Rodrigo Ybáñez García: @Cheater: Thank you, I´ll try it later. It happened after I installed the new upgrade, btw
Posted 07/30/10 at 01:27am
Andrew Eisen: I got hired to sing bass for an a cappella group tomorrow night. I have nine songs to learn. Yikes.
Andrew Eisen: I got hired to sing bass for an a cappella group tomorrow night. I have nine songs to learn. Yikes.
Posted 07/29/10 at 10:53pm
E. Zachary Knight: Zippy, I thought SC2 was only 1/3 of a game? ;)
E. Zachary Knight: Zippy, I thought SC2 was only 1/3 of a game? ;)
Posted 07/29/10 at 08:59pm
ZippyDSMlee: SC2 is god! BOW DOWN TO SC2!
ZippyDSMlee: SC2 is god! BOW DOWN TO SC2!
Posted 07/29/10 at 07:50pm
Cheater87: Garcia that sounds like a A/V problem. Try turning the TV on and off or doing that with the AV changer. Thats how I fix mine.
Cheater87: Garcia that sounds like a A/V problem. Try turning the TV on and off or doing that with the AV changer. Thats how I fix mine.
Posted 07/29/10 at 06:50pm
Andrew Eisen: The urinals now have floor mats!
Andrew Eisen: The urinals now have floor mats!
Posted 07/29/10 at 04:54pm
Rodrigo Ybáñez García: My PS3 is having some kind of failure. The sound is still there but the image is totally out...
Rodrigo Ybáñez García: My PS3 is having some kind of failure. The sound is still there but the image is totally out...
Posted 07/29/10 at 03:39pm
ZippyDSMlee: SC2!!SC2!!!SC2!!!!!!
ZippyDSMlee: SC2!!SC2!!!SC2!!!!!!
Posted 07/28/10 at 02:45pm
beemoh: Farmville creator Zynga closes one of its games, customers who paid for in-game content unimpressed (Link)
beemoh: Farmville creator Zynga closes one of its games, customers who paid for in-game content unimpressed (Link)
Posted 07/28/10 at 09:49am
Rodrigo Ybáñez García: He blames the internet, but not his abusive mother.
Rodrigo Ybáñez García: He blames the internet, but not his abusive mother.
Posted 07/28/10 at 09:48am
Rodrigo Ybáñez García: Akihabara murderer blames cyber bullying for rampage in 2008
Rodrigo Ybáñez García: Akihabara murderer blames cyber bullying for rampage in 2008
Posted 07/27/10 at 02:49pm
E. Zachary Knight: Holy Awesome Game Trailers Batman. Superman heat visioning people in the face and Jedi using Hadouken. Awesome.
E. Zachary Knight: Holy Awesome Game Trailers Batman. Superman heat visioning people in the face and Jedi using Hadouken. Awesome.
Posted 07/27/10 at 01:36pm
ZippyDSMlee: Ah I didnt see it down there :P
ZippyDSMlee: Ah I didnt see it down there :P
Posted 07/25/10 at 01:51pm
ZippyDSMlee: Cheater87:I do not think they see the need for it its a shame its more needed than E10.....
ZippyDSMlee: Cheater87:I do not think they see the need for it its a shame its more needed than E10.....
Posted 07/24/10 at 08:19pm
Cheater87: Zippy I sent them an email about a 15 age category a year or so ago and they said they had no plans for one at the moment. I'll send another one and see if they respond back again.
Cheater87: Zippy I sent them an email about a 15 age category a year or so ago and they said they had no plans for one at the moment. I'll send another one and see if they respond back again.
Copyright © 2007 ECA. All rights reserved.
Game Politics and Game Politics logo are trademarks of the ECA.
Game Politics and Game Politics logo are trademarks of the ECA.
Comments
Does sony even produce the original anymore?
Though i'd imagine they would special order if the ICE asked them
I do find it quite strange how switching saves $8,000 dollars, just seems weird that such a simple solution of rigging together several PS3's saves so much money, and is just as, or more effective.
It saves money as Sony was (perhaps even still is) underpricing the PS3. It costs more to build it than they sell it for. They later plan to get profits based of royalties from games sold and other product placement. Plus, they don't have to pay people to build the systems, as a PS3 is already prebuilt. So that's possibly where they got the savings from.
This shows us a few things about our government:
1. They overbid on every dang thing out there, even buying computers in bulk.
2. They don't build their own computers, but instead buy pre-made ones even though it cost them more money in the long run.
3. They don't understand the concept of custom building motherboards and server blades where they could build multi-processor computers that would utterly rape the PS3, and manufacture it through a contract they have actually researched the value of, and cost far less per calculation.
4. Though this is an improvement, their system would most likely be 5+ years old, where an $8,000 computer would be something comparable to a netbook at best.
5. They still know nothing about computers, and therefore are probably only getting the dumbest pedos out there, because they are most likely using out dated methods.
Nido Web Flash Tutorials AS2 and AS3 Tutorials for anyone interested.
How to set Xbox 360 Parental Controls
Allow me to correct you.
1. Goverment doesn't overpay for equipment, they have special contracts with vendors that sell sell the equipment at a discounted price. Usualy we buy parts cheaper than anyone else.
2. Making computers was acceptable a couple of years back but tracking them was hard because they did not had a a serial number so they could be put on inventory with what it's known as an "asset tag". So now we only buy computers from established manufacturers (Dell, HP, etc).
3. Guess you don't understand the full scope or ordering a server or a blade system. You can't just go to newegg.com or tigerdirect.com and make your own, it doen't work that way. This is not like making a computer to play games genious.
4. Funny you mention that, goverment computers are used around for 3 to 5 years depending of the goverment branch you work on.
5. Dumb comment... not worth the effort of correcting you here.
You can find the original people selling them on craigslist.com for cheap. It's easy or off of ebay or half.com.
"It's better to be hated for who you are, then be loved for who you are not." - Montgomery Gentry
But I never knew the PS3 could do that w/passwords. WOW!!!!!!!!!! O.o But anyways, that is cool they are using a console to crack down on pedo's. : )
"It's better to be hated for who you are, then be loved for who you are not." - Montgomery Gentry
Well according to some people, consoles make it easier for paedos to find targets.
--------------------------------------------------
I LIKE the fence. I get 2 groups to laugh at then.
and now we can say it makes it easier to gather the evidence to find them.
Cheaper at least.
Pornographers yes, predators no (let's hope Sony keeps chat dialogues).
---------------------------------------------------- Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Not sure if they still do, but at one point they had an option where you could leave your PS3 on and networked and its processing power would be used by the Human Genome Project. If it can do that it can definitely crack a few pervert passwords.
I can't wait until somebody hooks them up to the internet, an update downloads, and their machines go cactus.
So it takes about 814 days to find a 6 digit password for sure.
Good to know that I'll be dead for a long time when they find out my password. And If I add two TrueCrypt Keyfiles they'll need several generations.
They said cheaper, not more efficient in cracking codes. Baby steps, dude, baby steps.
This is of course assuming that they need to go through every password iteration each time they crack any password. Assuming their approach never differs, then there'd only ever be one password that would take the full allotment of time to crack; wouldn't the average time to crack be half that value? (Since the first possible password would be cracked in effectively '0' time, and each consecutive password taking a a step more time toward the maximum time?)
For what I presume is brute force, cracking a password every 407 days doesn't seem that bad; and if they add more machines to their bank is it equally, more or less efficient? If they double their machines, will they be cracking 8mil/second, more or less? If their prosped trippling of their console bank improves their maximum time to 271 days for a maxmimum crack time, I'd say that's pretty good.
I wonder if this violates the 6th amendment right to a speedy trial, or does taking forever to set a trial date (without any help from lawyers) not qualify?
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Show your math for the last paragraph if you don't mind.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Isn't it obvious?
281,474,976,710,656 possible passwords / 4,000,000 passwords per second = 70368744, the number of seconds to cover the entire password space.
70368744 / 60 = 1172812, the number of minutes.
1172812 / 60 = 19547, the number of hours.
19546 / 24 = 814, the number of days.
That's why I said for the last paragrpagh the one where he talks about being dead and taking several generations.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Assuming the cracking software is trying each of the 256 possible values for each character in the password (such that 256^6 = 281,474,976,710,656 for 6 characters, as in the original example), a 7 character password would yield 256^7 = 72,057,594,037,927,936 possible combinations, which translates to approximately 571 years at the stated speed of 4,000,000 tests per second.
And that's for just one guy's password.
Oh ok, so for a practical standpoint we'd be better just trying to reverse the supreme court decision then waiting for the computing power to catch up.
Hell you'd think the government would have super computers, they helped create the internet for crying out loud.
Let me try the math, my password for my computer is 12 characters long, we'll give them some benefit and limit them to lower case letters and numbers.
So 36^12= 4,738,381,338,321,616,896
/(4,000,000*60*60*24*365) equals 37,563 years at most.
...
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
And that is also you working with one machine instead of say 6-8 hooked up together.
It is also you giving the longest possible time alloted for each device which is also rather silly.
It isn't the best, but it is as effective as their old system and it is extremely cheap by comparison. Let's say they have their set-up the same as the one they do with the PS3, 6-8 $8,000 computers would be $48,000 - $84,000 vs. $1,800 - $2,400 for just one station. I doubt there is just one station out there, but let's be major conservative and say it takes the place of 10 stations instead of opting for the computer based stations. That is a saving of $462,000 - $816,000 tax payer dollars.
"And that is also you working with one machine instead of say 6-8 hooked up together."
Wrong. The stated figure of 4,000,000 passwords per second is for the whole cluster of 20 PS3s.
"It is also you giving the longest possible time alloted for each device which is also rather silly."
In theory you could crack a password of arbitrary length on your very first attempt, but that's not so likely to happen. Think of it as improving your chances after every failed test: For a 7 character password, you'd have a 100% chance of cracking it sooner than 571 years, a 75% chance of cracking it sooner than 428 years, a 50% chance of cracking it within 286 years, a 25% chance of cracking it within 143 years, a 10% chance of cracking it within 57 years, and a 1% chance of cracking it within 6 years. As you can see, cracking even a single 7-character password in a reasonable amount of time is a bit like winning the lottery.
Like I said, it's little more than feel-good technology. I suppose doing something -- anything, however worthless -- makes people feel like the government is doing something useful with their money.
And of course there's no way to tell the correct length of the password in advance.
I'm just wondering , Are they using a single console or they have severral PS3s clustered. They do not state that the 4 million passwords per second claim is per console or anything like that.
They have them clustered: "The networked Playstation 3s can process 4 million passwords per second, cutting down on the time necessary to find the correct combination."
It does 4 million passwords per second for what kind of encryption technology? Cracking a ZIP file password is much cheaper than cracking a RAR password, for instance, such that it becomes extremely impractical to crack RAR passwords past relatively short lengths. I've read that even a six character RAR password would be too long to crack reliably by brute force, which leads me to think this is little more than feel-good technology that at best will catch only the stupidest of criminals.
I think you fools mean GNU/Linux.
Linux is not an operating system. That just refers to the kernal.
Dur
Nobody cares about linux. Except you it seems.
--------------------------------------------------
I LIKE the fence. I get 2 groups to laugh at then.
It goes some way towards explaining where the stereotype of Linux users comes from though, doesn't it?
It should be noted that a US federal judge has ruled that passwords are NOT covered under the 5th ammendment.
This is still in flux at least, but for the moment there is no such consitutional protection.
Such a ruling. if one existed, would hardly be surprising given that the the Fifth Amendment addresses the unrelated issues of grand jury indictments, double jeopardy, forcing the accused to testify as a witness in their own criminal trial, due process, and eminent domain.
I suspect you meant to refer to the Fourth Amendment, which addresses unlawful search and seizure and the need for a warrant.
Nope, I was referring to the 5th amendment, specifically the right to not self incriminate. The ruling basically said that being forced to divulge your password does not count as self incrimination and thus if you continue to refuse that becomes a crime unto itself.
If given a choice between snitching on myself to a possible child pornography charge and taking the rap on an obstruction of justice charge, I'll take the latter.
The tricky part is, trials over kiddy porn have notoriously low standards of proof since juries are easily shocked by even the accusation.
So one has to balance if withholding the password is likely to result in the dropping or the original charges or if it will make your sentance even longer. Juries often see kiddy porn as SO horrible that the risk of sending an innocent person to jail is less a worry then letting a guilty one go. Combine that with 'why would the person refuse if they were innocent?' and refusal is unlikly to help any.
Combine this with the fact that we probably shouldn't be giving legal advice
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
What I'm not seeing is why law enforcement would be forced to ask anyone facing trial on child pornography charges to disclose their computer password. I'd imagine that upon arrest, there's more than enough probable cause for a search warrant and that your computer would already be in the hands of law enforcement and being turn inside out and upside down long before the case came to trial. Once they've got your computer, do they need to get a password from you? They'd just whip out their trusty PS3 and get to cracking the password. At that point, they ain't gots to ask you for shit. They're taking it.
Well if they asked for the password it would take less time than to process it.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
But if the answer they get the first time they ask is "No," then time spent asking again could be time better spent processing.
But what if the password is "No"?
Cracking passwords is a bit of a crapshoot. It generally only works if they picked a weak password or a bad algorithm. If you do not have either of those, no amount of computing power you can reasonably bring to bear will be enough.
Although if it still violates the 4th to demand a password the ruling doesn't help much.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
The Fourth doesn't prohibit the state asking for consentually given information. No more than it would prohibit a cop asking you to open your trunk so he can search inside. What is does prohibit is the cop from searching your trunk if you refuse to give consent and he doesn't have either a warrant or probable cause.
Yeah, I am less worried about them playing video games on them, and more worried about them using this to get passwords to users accounts other than pedos. There just can't be that many pedos in the world to rationalize doing this. At least I wouldn't think so...
Either way, I see them turning this onto their own people before foreign threats.
Nido Web Flash Tutorials AS2 and AS3 Tutorials for anyone interested.
How to set Xbox 360 Parental Controls
Darn, no 360 vs. PS3 flame war?
A 360 would melt if you tried to use one for this
is that enough flamebait for you?
Not for me it is. I'd rather see a flame war in which John Keefer represents the 360 and DarkSaber represents the PS3. That's my idea of a good flame war.
"Laaaadies and gentlemen, let's get ready to rummmmmmble!!"
"After securing a warrant, agents can seize and search a suspect's computer, but the Fourth Amendment prevents authorities from forcing suspects to surrender their passwords, Davenport said."
Does anyone know where this was decided? It seems so inconsistent and stupid (this coming form a libertarian), like if you were given a warrant to search a house, and you find a locked drawer but you're not allowed to make the suspect hand over the key.
Oh and
"Senior Special Agent Claude Davenport noted that there is no need to worry about government employees playing games on the consoles, “There's no controllers hooked up.”"
Upon further investigation one agent realized that project Natal would not be ported to the PS3 and the project was abandoned.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
I seem to recall a case where a young man was caught at an airport with child pornography on his Laptop, but he managed to power-down the laptop which required a password to restart, I'm pretty sure GP covered it.
A search for password didn't find it on GP.
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/15/AR200801...
Can't find it here either, but here's a link to the Washington Post article.
So my math tells me that there are 256 possible choices for each character (original number to the power of 1/6). So let's see assuming it's case sensitive
52- Letters
20-Numbers (+ shift values)
22-other characters on the key board
1-space bar
equals 95, so where do the other 161 come from or is just some trick with binary?
----------------------------------------------------
Debates are like merry go rounds. Two people take their positions then they go through the same points over and over and over again. Then when it's over they have the same positions they started in.
Extended ASCII table http://www.ascii-code.com/
well i can see the sony fanboys trying to use this as saying the ps3 is better than a PC.
Heh, it's certainly evidence that they are cheaper ;)
I never knew that PS3 was able to do such a thing.
Like I am sure that Windows 7 software is MORE powerful than a PS3.
It's not so much the software as it is the hardware that determines a computer's capabilities. I could install Windows 7 on my computer (manufactured in 2004) and it wouldn't hold a candle to a brand new computer with XP on it.
Unless you're talking about 32 bit XP then it would only utilize the first 2 gigs of ram that pc has....
What the hell is a "suspected pedophile"? Is that like "you might be gay because you like fashion"?
You have to call them "suspected" until they're convicted in a court of law, otherwise you face possible libel and/or slander charges. Watch any news network discuss a criminal act, they do it all the time ("the alleged Fort Worth shooter", etc).