War Games Clock "Would you like to play a game?"

Stellar project

“Interesting game, the only way to win is not to play. How about a nice game of chess?”

Yeah, geeks in their forties.

And yet my favorite part of the movie now is how it took them weeks (months?) of research to hack the backdoor password instead of twenty seconds as in most movies.

To me it seemed like it was only a couple of days at most. Like I got the impression he went and visited Jim and Melvin the very next day, and then went to the library the day after that and did all of his research. Then maybe Jennifer came over on the 3rd day after David wasn’t in school for 2 days in a row. I dunno. That’s how I always thought of it.

Ha ha @caribis2, that’s my 2nd favorite line of the movie, right after the “sparkplug” line. Which, BTW, Barry Corbin improvised on the spot!

But the computer took mere minutes to break down the code instead of the 2500 years it would take a supercomputer to actually run through all those combinations.

That’s because a supercomputer is dumb and would just brute force its way through all the combinations. WOPR was self-aware, a true AI. It knew that the Air Force protected their launch codes through an electronic version of a mechanical lock, so it could just attack the tumblers one by one (character by character) rather than having to solve the whole thing at once. Duh!

I think a safer estimate of brute force would be around 115-130 years given the problem space. but that just doesn’t work for movies. I’m sure at some point in there I’d haev to take a break to eat.

That’s the dumbest way to create/manage a password or code. A kid could get that done in a couple of minutes.

Even without complexity rules or failed attempt lockouts there should be 36^10 (because upper case & #s only…to start nuclear war) combinations. But checking 1 character at a time just isn’t done.

Since it was done for the movie it should have been near instantaneous to human observers. Checking 36 values 10 times for a computer is a microsecond task.

It’s not logically consistent. Either it should take centuries or it’s instant.

(Yeah my wife argues that I overanalyze movies but…)

34^10 : 0 = O and 1 = I.

The last thing you want is an unlaunched ICBM () because someone was pounding on the zero key instead of the oh key.

And it takes an AI eight. Presumably because it doesn’t have arms and fingers.

Depends how it’s breaking the hash. I watched a password cracking tool crack one of my passwords once in a controlled test. What interested me the most is that it started at the END of the password. It was some years ago, so my memory of how long it took is way off, I’m sure… But it went kinda like this… It was a 10-character password. It got the LAST character after like 1 hour or less. I was shocked and amazed. It took a few more hours before it got the penultimate character. I went to bed. In the morning it’d gotten the final 3 characters. At that point I was certain it would eventually crack the entire code so I stopped the experiment. It was very interesting though!

Definitely slower than hacking the Gibson!

From watching the segments it’s rally looks like all the codes are 3 letters 4 numbers 3 letters. so that 10^6 x 26^4 = 456,976,000,000 An Apple II common in the era was 1MHz so 1 Million Cycles per second. Assume an average of about 5 cycles per instruction and maybe 90 instructions to attempt a launch code and thats like 2222 launch codes per second. 3600 seconds per hour, about 57127 hours google says 8760 hours per year so 6.5 years?

It’s actually fun pitting yourself against the tools most folks are using (my son is in cybersecurity - the apple doesn’t fall far ). I have a rogue WAP in my office that I’ve promised to turn off if our security guys can break into it. I’ve got a 38 character passcode for use and a 54 character one for admin. One try or it locks out for four hours.

They make no more sense than " Twas brillig, and the slithy toves did gyre and gimble in the wabe" does. (No the passwords aren’t related to the Jabberwocky, but they are similarly meaningless to anyone other than the mind that created them.)

In 3 years I haven’t had to turn it off.

I used to have fun with the team when they worked for me. They’d try locking down our network and close off certain countries or sites and I’d visit a page, screenshot it and ask them how I bypassed their controls. It was a fun game - kept all of us sharp and made for some light-hearted fun in an otherwise mundane job.

How… about a … nice game of Chess?

Those were vacuum tubes and light bulbs effectively. I saw some on very old electronic equipment once.

Right. For decades I’ve encouraged people to use a passPHRASE, not a passWORD.

My wife’s birthday is 27-Mar.

…meets every complexity standard, is super long, easy to remember, easy to type, and would take 1335639 centuries to crack according to Passfault. It’s the only way to go.

And as a bonus you no longer get in trouble for forgetting your wife’s birthday

Definitely. What drives me nuts are the sites that limit you to 10 or 16 characters or won’t let you use certain special characters. Hard to have a passphrase that small.

Something like this:
My m0ther h@s @ t0e bun10n 0n her c@nkles!

What drives me nuts are sites that have high level security to protect inconsequential information. Not only don’t I care if someone hacks it, but why would they??? I get that they are just integrating a password tool into their website, but if it can’t be customized down find one that can.

A few reasons off the top of my head…

• MANY people use the same 3, 2, or even 1 password for everything. They hack your Glowforge account and they may now also have your bank’s password.
• Knowledge is power. If somebody learns your Glowforge credentials, they can read something into how you think, or other personal information could be in that account that could help them hack into other accounts.
• Fun. Some people just like effing with people.

Note to anybody that might read this: No matter what the account, but especially sensitive information like your bank, if the site has the option to enable MFA, enable it. Right now. Now is the time to enable it.