Oh Origin, you so cute

Started by Mr. Analog, December 16, 2015, 01:42:08 PM

Previous topic - Next topic

Mr. Analog

Hahaha

So thing 1: You can't gift games through Origin

And according to them, I @%&# you not, they recommend you buy a game key off other sites to gift games (by giving the other person the key) 'cause that's not fraught with problems!

Thing 2: Using their help triggers the system to call you a "Noob", through an achievement system

The funny thing though is that their own help didn't have answers, I had to go to Google

Thing the Third: The reason they don't let users gift stuff to one another is "security"

yah... about that http://techcrunch.com/2015/10/16/ea-denies-data-breach-after-list-of-compromised-user-accounts-emails-pops-up-online/

bwah bwuh

Not only that but like their password system has a character limit (16) and does not allow for non-alphanumeric characters, so how long would it take to rainbow table a 16 byte alphanumeric password? Seems kinda... weak




Anyway, their account deletion process is actually ok, you talk a person in live chat and they terminate your account after you agree to a brief bit of paperwork that informs you that anything you put up on your account is theirs and you can't get that username back etc, etc

I just hope to god the new Mirror's Edge doesn't require an Origin account otherwise I won't be playing it  :snooty:
By Grabthar's Hammer

Melbosa

QuoteNot only that but like their password system has a character limit (16) and does not allow for non-alphanumeric characters, so how long would it take to rainbow table a 16 byte alphanumeric password? Seems kinda... weak
Well while I don't know about new accounts, mine has @ and ! signs in it and it works.
Sometimes I Think Before I Type... Sometimes!

Mr. Analog

Quote from: Melbosa on December 16, 2015, 01:57:02 PM
QuoteNot only that but like their password system has a character limit (16) and does not allow for non-alphanumeric characters, so how long would it take to rainbow table a 16 byte alphanumeric password? Seems kinda... weak
Well while I don't know about new accounts, mine has @ and ! signs in it and it works.

Apparently "." is an illegal character
By Grabthar's Hammer

Melbosa

Sometimes I Think Before I Type... Sometimes!

Thorin

alphanumeric?


password of one character:                                      36 possibilities
password of two characters:                                  1,296 possibilities
password of three characters:                               46,656 possibilities
password of four characters:                             1,679,616 possibilities
password of five characters:                            60,466,176 possibilities
password of six characters:                          2,176,782,336 possibilities
password of seven characters:                       78,364,164,096 possibilities
password of eight characters:                    2,821,109,907,456 possibilities
password of nine characters:                   101,559,956,668,416 possibilities
password of ten characters:                  3,656,158,440,062,976 possibilities
password of eleven characters:             131,621,703,842,267,136 possibilities
password of twelve characters:           4,738,381,338,321,616,896 possibilities
password of thirteen characters:       170,581,728,179,578,208,256 possibilities
password of fourteen characters:     6,140,942,214,464,815,497,216 possibilities
password of fifteen characters:    221,073,919,720,733,357,899,776 possibilities
password of sixteen characters:  7,958,661,109,946,400,884,391,936 possibilities
total                            8,186,051,427,373,440,909,660,276


That's eight yottabytes of possibilities.  Then hash all those possibilities and load them all in memory (since that's what makes rainbow tables so fast - they're loaded in memory).  Lets assume we have a hashing algorithm that takes 16 bytes per hash, we now need 128 yottabytes of RAM.

Compared to only allowing eight alphanumerics per password, where there are only 2,901,713,047,668 possibilities, that's shy of three terabytes of possibilities, so about 10 terabytes of RAM needed.

If you're willing to deal with memory that is a thousand times slower, then you leave this data on disk and query against it.  And there's a huge difference between 8 alphanumerics (3 hard drives total?) and 16 alphanumerics (3 trillion hard drives).

Of course, a real hacker would first try the four most common passwords: 123456, password, 12345, qwerty.  Then next the hacker would make a subset of real words to hash to make the tables fit into RAM for amazingly speedy lookup.  If you have a password made of 16 alphanumerics and with no real words, it's surprisingly hard to brute force or rainbow.  And it would be pretty much impossible for a hacker to get ten different such passwords if every password was salted with a different salt.
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful

Thorin

However, getting labelled n00b because you tried using their help system is just ignorant.
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful