I know this story broke a couple of weeks ago, but I was on vacation. But I did think this was interesting for a couple of reasons. First, the game consoles we use are really powerful computers so don’t underestimate their capabilities. Second, what should we be doing to react?
What am I talking about?
I was cruising some of the blogs I link to so I naturally hit Kim Cameron’s Identity blog. An article there caught my eye. That blog of course links to the BBC story which as far as I can tell is the source.
Here’s an excerpt from the BBC story:
"Security researcher Nick Breese used a PS3 to crack supposedly strong eight-character passwords in hours. Typically, previous attempts to crack such passwords took days to get the same result."
As you can see, it’s a pretty scary thing to think about. Now what do we do about it? Sixteen character passwords? Multifactor authentication?
So like I said, if you see someone using a game console in your conference room, they may not be blowing off some steam after a hard days work. They may be hacking your network.