New Moxie Marlinspike Tool Cracks Crypto Passwords 71
Gunkerty Jeb writes "Moxie Marlinspike, the security and privacy researcher known for his SSLStrip, Convergence and RedPhone tools, has released a new tool that can crack passwords used for some VPNs and wireless networks that rely on encryption using Microsoft's MS-CHAPv2 protocol. Marlinspike discussed the tool during a talk at DEF CON over the weekend, and it is available for download."
so what? (Score:3, Insightful)
not trying to be brash, or curt or whatever, but can someone explain the larger implications?
what does this mean for me (the average non-very-savvy-when-it-comes-to-security person)?
should I stop using tor (is tor pptp?)?
should I stop using vpn, or wpa wireless networks?
this actually doesn't seem that interesting, I mean, if you use a cloud-based cracker, couldn't you have submitted the wpa handshake there already?
Re:this is the same (Score:2, Insightful)
Are the Russians interested, or do you mean Guantanamo?
Yes.