FBI Uses PS3s to Catch Pedophiles
- Thread starter John Funk
- Start date
Wait...what? It wasn't even that expensive when it came out. Right now there is only a $100 difference. Don't get me wrong $100 is a lot of money, but your exaggeration is...extreme.Anoctris said:
Also, as it turns out GTA IV runs fine on the ps3, trophies and all. However, the episodes from liberty city are exclusive. If that was the joke you were going for, bravo, you are quite the original thinker.
That boast could easily be misconstrued.vivaldiscool said:
OT: Neat. Much better than the supercomputer the Afghans were allegedly building from PS1's all those years ago.
I never said I owned a PS3... As I don't... True it's expensive. but you came on here with the sole intention to flame the PS3. So be a dear and leave the thread?Anoctris said:
Ok, the number crunching thing I could accept as being possible but curing cancer?Otterpoet said:
That's got to be propaganda (buy a PS3 today! It: calculates, detoxifies, comes in all colours, one size fits all, never runs out of batteries, never needs winding, it can turn you into a nine year old Hindu boy and get rid of your wife, it cuts weight off busts, chins, thighs and finds you a job, it is a job and it is the only product you will ever need, drive it away today and no salesman will visit your home).
I dunno about cool. In fact, I have to say, this is a very fluffy PR article with no real substance. Let's take it to pieces:
Firstly, basic error: it's not 256^6. That's six bytes, not six characters. But your passphrase very, very probably does not contain zero-bytes, and very probably not control characters. Entropy of passphrases is almost always quite a lot less than 8 bits per character. And you try common dictionary attacks first of course, which is what this is really used for. Or Rainbow table generation.
Secondly, the use of PS3 in crypto attacks is not news; most of the massively-parallel crypto/computational stuff Cell was aimed at in the workstation sector actually ended up causing labs to buy hundreds of cheap commodity PS3s instead, which ended up being way more cost-effective than the overpriced Cell workstations, with only one more SPU each. The MD5 SSL "tunneled" collisions were calculated using a 200-strong PS3 cluster, for example.
It's rather unfortunate the "Other OS" thing was taken out for the slim, because running using less power and heat would have been helpful for clusters, as AccessData points out in the article.
However, they've now fallen somewhat behind, because modern graphics cards (see ElcomSoft's recent work, for example) can use CUDA or various shaders to get quite a lot more power for exactly this kind of computation, and it's made the PS3 approach almost obsolete overnight. A PS3 Cell can push about 20 GigaFLOPs, optimally (source: Folding@home). Impressive when it came out. But a fast quadcore CPU today is 70 GigaFLOPs. And your £150 4870 X2 not only plays a mean game, in the right circumstances it's 30-100 times faster at password cracking than a PS3 Cell. You could buy just one ordinary gaming PC, put a couple of 4870 X2s in it, like I don't doubt many of us have, and clean the clock of this entire 60 PS3 cluster, for a fraction of the price and running cost. And, the extremely rapid rate of development in graphics card technology means it's getting faster, rapidly (the R800 is about 3000 GigaFLOPs).
Thirdly, this attack is totally, stunningly ineffective against a good passphrase, which anyone who'd done their homework, or read the documentation of the crypto software, would know to use. A 6-word random "Diceware" (google it) passphrase (or the equivalent, roughly 16 randomly-chosen lower-case letters) wouldn't be crackable with anything of this magnitude in the next few years, making such an attack impractical. 10 random Diceware words (or a 22 alphanumeric mixed-case passphrase, or 28 lower-case letters) would get you over 128 bits of entropy and make any attack of this kind beyond anyone's reach for the foreseeable future.
Fourthly, because of the above, a dumb brute force attack like this, after the fact on hard drives you've seized, is decidedly the wrong way to do it. The right way to do it is to get a bugging warrant and plant a hardware keylogger or observe the passphrase being entered, then seize the hard drive. That's what the FBI do when they're actually being serious, say with Mafia bosses. (Or coercion, but there's the 4th Amendment barrier to law enforcement doing that.)
Fifthly, it mentions paedophiles for apparently very little actual reason. Brass Eye moment, right there. It's a transparent appeal to emotion used to grab headlines with little actual substance. I don't actually see where it mentions any convictions as a result of this. (That's odd, surely you'd be crowing about successfully bringing child molesters to justice if there were any successes, wouldn't you?) And, this isn't the FBI in this article, this is ICE. Odd, again; surely the wrong agency for child protection work? Is there a point to this other than to say that ICE just bought 40 PS3s off eBay? 60 PS3s, as I said above, ain't gonna get you far.
And finally, the dude says "There's no controllers hooked up". I'd just like to point out that that does not say they're not playing them; PlayStation®3 controllers are wireless, so almost by definition, unless you're charging them... they're not hooked up. Hmm. Now if there were no monitors hooked up, maybe then I wouldn't be so sceptical...
Firstly, basic error: it's not 256^6. That's six bytes, not six characters. But your passphrase very, very probably does not contain zero-bytes, and very probably not control characters. Entropy of passphrases is almost always quite a lot less than 8 bits per character. And you try common dictionary attacks first of course, which is what this is really used for. Or Rainbow table generation.
Secondly, the use of PS3 in crypto attacks is not news; most of the massively-parallel crypto/computational stuff Cell was aimed at in the workstation sector actually ended up causing labs to buy hundreds of cheap commodity PS3s instead, which ended up being way more cost-effective than the overpriced Cell workstations, with only one more SPU each. The MD5 SSL "tunneled" collisions were calculated using a 200-strong PS3 cluster, for example.
It's rather unfortunate the "Other OS" thing was taken out for the slim, because running using less power and heat would have been helpful for clusters, as AccessData points out in the article.
However, they've now fallen somewhat behind, because modern graphics cards (see ElcomSoft's recent work, for example) can use CUDA or various shaders to get quite a lot more power for exactly this kind of computation, and it's made the PS3 approach almost obsolete overnight. A PS3 Cell can push about 20 GigaFLOPs, optimally (source: Folding@home). Impressive when it came out. But a fast quadcore CPU today is 70 GigaFLOPs. And your £150 4870 X2 not only plays a mean game, in the right circumstances it's 30-100 times faster at password cracking than a PS3 Cell. You could buy just one ordinary gaming PC, put a couple of 4870 X2s in it, like I don't doubt many of us have, and clean the clock of this entire 60 PS3 cluster, for a fraction of the price and running cost. And, the extremely rapid rate of development in graphics card technology means it's getting faster, rapidly (the R800 is about 3000 GigaFLOPs).
Thirdly, this attack is totally, stunningly ineffective against a good passphrase, which anyone who'd done their homework, or read the documentation of the crypto software, would know to use. A 6-word random "Diceware" (google it) passphrase (or the equivalent, roughly 16 randomly-chosen lower-case letters) wouldn't be crackable with anything of this magnitude in the next few years, making such an attack impractical. 10 random Diceware words (or a 22 alphanumeric mixed-case passphrase, or 28 lower-case letters) would get you over 128 bits of entropy and make any attack of this kind beyond anyone's reach for the foreseeable future.
Fourthly, because of the above, a dumb brute force attack like this, after the fact on hard drives you've seized, is decidedly the wrong way to do it. The right way to do it is to get a bugging warrant and plant a hardware keylogger or observe the passphrase being entered, then seize the hard drive. That's what the FBI do when they're actually being serious, say with Mafia bosses. (Or coercion, but there's the 4th Amendment barrier to law enforcement doing that.)
Fifthly, it mentions paedophiles for apparently very little actual reason. Brass Eye moment, right there. It's a transparent appeal to emotion used to grab headlines with little actual substance. I don't actually see where it mentions any convictions as a result of this. (That's odd, surely you'd be crowing about successfully bringing child molesters to justice if there were any successes, wouldn't you?) And, this isn't the FBI in this article, this is ICE. Odd, again; surely the wrong agency for child protection work? Is there a point to this other than to say that ICE just bought 40 PS3s off eBay? 60 PS3s, as I said above, ain't gonna get you far.
And finally, the dude says "There's no controllers hooked up". I'd just like to point out that that does not say they're not playing them; PlayStation®3 controllers are wireless, so almost by definition, unless you're charging them... they're not hooked up. Hmm. Now if there were no monitors hooked up, maybe then I wouldn't be so sceptical...
While I recognize the humor quotient of your post, did you actually read the linked article? It's basically Folding@home, but for protein analysis and the like that cancer researchers are doing - distributed processing taking advantage of the computational power of consoles people just leave turned on and hooked up to the internet.Iron Mal said:
Win
I bet the Xbox would just RROD all over the passwords, and evil, moustache-twirling pedos would get away in apache helicopters and hop the border
I really wish the FBI was like that...sigh
I bet the Xbox would just RROD all over the passwords, and evil, moustache-twirling pedos would get away in apache helicopters and hop the border
I really wish the FBI was like that...sigh
I can only imagine a certain scene during online play.
User 1: Hey, want some candy?
User 2 (FBI): FBI! SURRENDER AT ONCE!
User 1: Whaaaa..
User 2 shoots down User 1
User 2 talks to User 3: Don't worry son, that was a pedophile. If you see him, shoot him down.
User 1: Hey, want some candy?
User 2 (FBI): FBI! SURRENDER AT ONCE!
User 1: Whaaaa..
User 2 shoots down User 1
User 2 talks to User 3: Don't worry son, that was a pedophile. If you see him, shoot him down.
Unfortunatly, only the "FU" gets used on a forum. This topic right here is a good example as it has plunged into the "PS3 sucks, Xbox rules" state within only 6 posts.Dark Templar said:There is more than just "FU" you missed "O" "R" and "M".Casual Shinji said:
And I didn't say I was the only one, just that I did it first
The Escapist: The game site for the sophisticated gamer.